All Products
Search
Document Center

Elastic Compute Service:Use Alibaba Cloud Client to manage ECS instances

Last Updated:Mar 29, 2024

You can use Alibaba Cloud Client to view and connect to Elastic Compute Service (ECS) instances, elastic container instances, simple application servers, and instances managed by Alibaba Cloud. This topic describes how to use Alibaba Cloud Client to view, connect to, and manage ECS instances.

Prerequisites

One or more accounts are added to Alibaba Cloud Client. For more information, see Add accounts to Alibaba Cloud Client.

View ECS instances

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. On the Instances page, you can view information about ECS instances, as shown in the following figure.

    查看ECS实例.png

    • ①: This section shows the location information of ECS instances. You can click the icon on the right side of the Region field to switch to a different region.

    • ②: This section shows the list of ECS instances.

    • ③: This section shows the pagination toolbar. You can navigate through pages by using the pagination toolbar.

    • ④: This section shows the instance search box.

      1. Enter an instance ID, public IP address, private IP address, or instance name.

      2. Press the Enter key to search for instances in the current region. You can enter a keyword for fuzzy search by instance name.

    • ⑤: This section shows the Actions menu that provides buttons for performing the following actions:

      • Actions to connect to instances

      • Actions to start, stop, and release instances

      • Actions to configure release protection settings (only for pay-as-you-go instances)

      • Actions to view the monitoring information, security groups, and details of instances

Connect to an ECS instance

Connect to an ECS instance by using Remote Desktop

You can use the public IP address of an ECS instance or Cloud Assistant in Alibaba Cloud Client to connect to the instance.

Important
  • You can use this method to connect to an ECS instance only if the instance runs Windows.

  • The Windows instance to which you want to connect must be in the Running state.

  • The Windows instance is assigned a public IP address, or Cloud Assistant Agent is installed on the Windows instance and Cloud Assistant is online.

    For more information about Cloud Assistant, see Cloud Assistant overview.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Perform the following steps based on whether the Windows instance is assigned a public IP address and whether Cloud Assistant is online:

    • A public IP address is assigned

      1. Find the instance to which you want to connect and choose Actions > Start Remote Desktop in the Actions column.

      2. In the Remote Desktop Connection dialog box, click Connect.

      3. Enter the password of the Windows instance as prompted and click OK.

    • No public IP address is assigned, but Cloud Assistant is online

      1. Find the instance to which you want to connect and choose Actions > Remote Desktop (via Cloud Assistant) in the Actions column.

      2. In the dialog box that appears, configure the parameters and click Start.

        Set the Remote Port parameter to the port used to access services on the instance and the Local Port parameter to the port listened to on your computer. Turn on or turn off Print Request and Print Response. Specify whether to open http://localhost:8080/ after started.

      3. In the Remote Desktop Connection dialog box, click Connect.

      4. Enter the password of the Windows instance as prompted and click OK.

Connect to an ECS instance over SSH

You can use the public IP address of an ECS instance or Cloud Assistant in Alibaba Cloud Client to connect to the instance over SSH.

Important
  • You can use this method to connect to an ECS instance only if the instance runs Linux.

  • The Linux instance must be in the Running state.

  • A public IP address is assigned to the Linux instance, or Cloud Assistant Agent is installed on the Linux instance and Cloud Assistant is online.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance to which you want to connect and perform the following operations based on whether a public IP address is assigned to the instance:

    • A public IP address is assigned

      In the Actions column, choose Actions > Start SSH.

    • No public IP address is assigned, but Cloud Assistant is online

      In the Actions column, choose Actions > Start SSH (via Cloud Assistant).

  4. Configure the Username parameter. Default value: root. You can specify a username based on your business requirements. Configure the Port Num parameter. Default value: 22. You can specify a port number based on your business requirements. Configure the Certifier parameter.

    Valid values of Certifier:

    • Password: Enter the password of the ECS instance.

      Note

      In Alibaba Cloud Client, you can click the Settings icon in the upper-right corner. On the Settings page, click SSH in the left-side navigation pane. Then, configure the Save Password to parameter. To save the instance password to the /.aliyun/secrets.json file on your computer, set the parameter to Local File. To save the instance password to Key Management Service (KMS), set the parameter to KMS. For more information, see Configure the settings of Alibaba Cloud Client.

    • Identity: Select an SSH private key file from the ~/.ssh/ directory or another directory on your computer.

    • Temp KeyPair: A temporary key pair is generated and sent to the instance. The key pair is valid for 1 minute. This method eliminates the need to manage passwords and key files.

    We recommend that you use a temporary key pair. This way, you can connect to the instance without providing a password or public IP address. Resource Access Management (RAM) can be used to control the connection permissions.

  5. Click Connect.

Connect to an instance by using Session Manager

You can use Session Manager in Alibaba Cloud Client to connect to instances without specifying passwords or public IP addresses or opening SSH or Remote Desktop Protocol (RDP) ports.

Important

Before you connect to an ECS instance by using Session Manager, make sure that the instance meets the prerequisites that are described in the Connect to an instance by using Session Manager topic. Otherwise, you cannot click Start Session Manager in the Actions column, or you fail to connect to the instance.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance to which you want to connect and choose Actions > Start Session Manager in the Actions column.

    By default, after the instance is connected, you are logged on as ecs-assist-user if the instance runs Linux or as the system user if the instance runs Windows.

Connect to an instance by using the port forwarding feature of Cloud Assistant

You can use the port forwarding feature of Cloud Assistant to forward network traffic from a port on your computer to an ECS instance without the need to specify the public IP address of the instance. Then, you can access the services that are running on the instance in a secure and convenient manner.

Note

Assume that the MySQL service uses port 3306 on your instance. Your computer on which Alibaba Cloud Client is installed runs a Linux operating system. You can use the port forwarding feature to access the MySQL service on the instance from port 13306 on your computer.

The port forwarding feature has the following benefits:

  • The operations on Alibaba Cloud Client can be audited and are secure and controllable.

  • RAM can be used to control the connection permissions.

  • The port forwarding feature can be used to access port 22 on instances to allow specific users to connect to the instances over SSH.

  • The port forwarding feature can be used to access HTTP ports and web applications on instances without the need to specify the public IP addresses of the instances.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance to which you want to connect and choose Actions > Port Forward (via Cloud Assistant) in the Actions column.

  4. Set the Remote Port parameter to the port used to access services on the instance and the Local Port parameter to the port listened to on your computer. Turn on or turn off Print Request and Print Response. Specify whether to open http://localhost:8080/ after started.

  5. Click Start.

Manage ECS instances

Manage instance status

You can use Alibaba Cloud Client to change the status of an ECS instance based on your business requirements.

Start an instance

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance that you want to start and choose Actions > Start Instance in the Actions column.

  4. In the message that appears, check instance information and click Start Instance.

Stop an instance

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance that you want to stop and choose Actions > Stop Instance in the Actions column.

  4. In the message that appears, check instance information and click Stop Instance.

Restart an instance

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance that you want to restart and choose Actions > Reboot Instance in the Actions column.

  4. In the message that appears, check instance information and click Reboot Instance.

Release an instance

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance that you want to release and choose Actions > Delete Instance in the Actions column.

  4. In the message that appears, check instance information and click Delete Instance.

Reset an instance password

You can use Cloud Assistant to reset the logon password for an ECS instance. Asymmetric encryption is used to securely transmit the new password. This prevents unauthorized decryption. The new password immediately takes effect and you do not need to restart the instance.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance for which you want to reset the logon password and choose Actions > Reset Instance Password in the Actions column.

  4. In the Reset Instance Password dialog box, enter and confirm a new password, enable password authentication or retain original settings, and then click Reset Password.

    When the password reset task is complete, you can use the new password to manage your ECS instance.

Enable release protection for an instance

You can enable the release protection feature for your pay-as-you-go instances that run critical workloads. This feature prevents your pay-as-you-go instances from being manually released due to accidental operations. For more information about instance release protection, see Enable or disable release protection for ECS instances.

Important

This feature is available only for pay-as-you-go instances.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance for which you want to enable release protection and choose Actions > Set Deletion Protection in the Actions column.

  4. In the message that appears, check instance information and click Set Deletion Protection.

View the information of an instance

View instance attributes

You can view the attributes of an instance, including the instance name, hostname, instance type, operating system, and Cloud Assistant status.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance whose attributes you want to view and choose Actions > Show Properties in the Actions column.

View the monitoring information of an ECS instance

You can view the monitoring information of an instance, such as CPU utilization, Internet bandwidth, and disk read/write rate.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance whose monitoring information you want to view and use one of the following methods to view the monitoring information:

    • Method 1: In the Actions column, choose Actions > View Instance Monitor.

    • Method 2: In the Monitoring column, click the 监控图标.png icon.

View the security groups of an instance

You can use Alibaba Cloud Client to view the security groups of an ECS instance. For more information, see Security group overview.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance whose security groups you want to view.

  3. Find the instance whose security groups you want to view and choose Actions > View Security Groups in the Actions column.

    You can view the IDs, names, types, and rules of the security groups to which the instance belongs.

  4. Optional. You can click the value in the Egress Rules or Ingress Rules column that corresponds to each security group to create rules, delete rules, or view the details of rules in the security group.

    • Add an inbound or outbound security group rule

      1. Click Add Inbound Rule or Add Outbound Rule above the list of security group rules.

      2. Configure parameters for the rule. For more information, see Security group rules.

    • Modify an authorization policy

      1. In the security group rule list, find the rule whose authorization policy you want to modify and click Modify Policy in the Actions column.

      2. In the message that appears, select Allow or Deny and click Modify Policy.

    • Delete a security group rule

      Find the rule that you want to delete and choose Actions > Revoke Rule in the Actions column.

    • View the details of an inbound or outbound security group rule.

      Find the rule that you want to view and choose Actions > Show Inbound Rule Properties or Actions > Show Outbound Rule Properties in the Actions column to view the attributes of the rule.

View and manage files on an instance

You can use Alibaba Cloud Client to view and manage files or directories on an ECS instance. For example, you can create directories and upload or download files.

Important
  • This feature is available only for Linux instances.

  • The Linux instance is in the Running state.

  • A public IP address is assigned to the Linux instance.

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance to which you want to connect.

  3. Find the instance to which you want to connect and choose Actions > Start SFTP in the Actions column.

  4. Configure the Username parameter. Default value: root. You can specify a username based on your business requirements. Configure the Port Num parameter. Default value: 22. You can specify a port number based on your business requirements. Configure the Certifier parameter.

    Valid values of Certifier:

    • Password: Enter the password of the ECS instance.

      Note

      In Alibaba Cloud Client, you can click the Settings icon in the upper-right corner. On the Settings page, click SSH in the left-side navigation pane. Then, configure the Save Password to parameter. To save the instance password to the /.aliyun/secrets.json file on your computer, set the parameter to Local File. To save the instance password to Key Management Service (KMS), set the parameter to KMS. For more information, see Configure the settings of Alibaba Cloud Client.

    • Identity: Select an SSH private key file from the ~/.ssh/ directory or another directory on your computer.

    • Temp KeyPair: A temporary key pair is generated and sent to the instance. The key pair is valid for 1 minute. This method eliminates the need to manage passwords and key files.

    We recommend that you use a temporary key pair. This way, you can connect to the instance without providing a password or public IP address. Resource Access Management (RAM) can be used to control the connection permissions.

  5. Click Connect.

    In the file list, you can view and manage the files and directories on the Linux instance.

    • Manage directories

      • Create a directory: Click Create Directory above the file list.

      • Upload a directory: Click Upload Directory above the file list.

      • Download a directory: Find the directory that you want to download and choose Actions > Download Directory.

      • Delete a directory: Find the directory that you want to delete and choose Actions > Delete Directory.

        Important

        Deleted directories cannot be recovered. Exercise caution when you delete directories.

      • View directory information: Find the directory whose information you want to view and choose Actions > View File Property.

    • Manage files

      • Upload a file: Click Upload File above the file list.

      • Download a file: Find the file that you want to download and choose Actions > Download File.

      • Delete a file: Find the file that you want to delete and choose Actions > Delete File.

        Important

        Deleted files cannot be recovered. Exercise caution when you delete files.

      • View file information: Find the file whose information you want to view and choose Actions > View File Property.

Go to the ECS console from Alibaba Cloud Client

If you do not want to use Alibaba Cloud Client to view and manage your ECS instances, you can go to the ECS console. To redirect from Alibaba Cloud Client to the ECS console, perform the following steps:

  1. On the homepage of Alibaba Cloud Client, click ECS.

  2. In the upper-left corner of the Instances page, select the region of the instance that you want to manage.

  3. Find the instance that you want to manage and choose Actions > Go to the ECS Console in the Actions column.

    For more information, see View instance information.