You can install Alibaba Cloud Client on your on-premises machine to browse, query, and connect to Elastic Compute Service (ECS) instances, elastic container instances, simple application servers, and Alibaba Cloud managed instances. This topic describes how to use Alibaba Cloud Client to manage managed instances. You can view, connect to, register, and deregister managed instances.
Prerequisites
Accounts are added to Alibaba Cloud Client. For more information, see Add accounts to Alibaba Cloud Client.
Session Manager can be used to connect to managed instances over SSH. Both Alibaba Cloud accounts and Resource Access Management (RAM) users can use Session Manager, but only Alibaba Cloud accounts have permissions to enable Session Manager.
If Session Manager is not enabled, you need to use an Alibaba Cloud account or contact the owner of an Alibaba Cloud account to enable Session Manager. For more information, see Connect to an instance by using Session Manager.
If you want to use Session Manager as a RAM user, you must make sure that the RAM user is granted permissions to call the StartTerminalSession operation. Policies that include the permissions must be attached to the RAM user. For more information about the policy examples, see Connect to an instance by using Session Manager. Make sure that your RAM user is granted secure and controllable permissions. To prevent unintended operations caused by improper management of or improper authorizations to RAM users, proceed with caution when you attach policies to RAM users.
ImportantIf one or more of the preceding prerequisites are not met, Start Session Manager becomes unavailable in the Actions column on the Instances page of Alibaba Cloud Client.
View managed instances
On the homepage of Alibaba Cloud Client, click Managed Instance.
On the Managed Instance page, you can view the information of managed instances, as shown in the following figure.
①: The region of managed instances. You can click the region to switch to another region.
②: The list of managed instances.
③: The pagination toolbar. You can navigate through pages by using the pagination toolbar.
④: The search box.
Enter a managed instance ID or name in the search box.
Press the Enter key to search for the instance in the current region.
⑤: The menu of actions that can be performed on managed instances, including:
Connect to a managed instance
Deregister a managed instance
View the details of a managed instance
⑥: The Register New Instances button.
Connect to a managed instance
Connect to a managed instance over SSH
On the homepage of Alibaba Cloud Client, click Managed Instance.
On the top of the managed instance list, select the region of the managed instance to which you want to connect.
Find the managed instance to which you want to connect. In the Actions column, choose
Specify Username. Default value: root. You can specify a username based on your business requirements. Specify Port Num. Default value: 22. You can specify a port number based on your business requirements. Set Certifier.
Valid values of Certifier:
Password: Enter a password for the managed instance.
Note In Alibaba Cloud Client, you can click the Configure system settings.icon in the upper-right corner. On the Settings page, click SSH in the left-side navigation pane. Then, specify the Save Password to parameter. To save the instance password to the /.aliyun/secrets.json file on your computer, set the parameter to Local File. To save the instance password to Key Management Service (KMS), set the parameter to KMS. For more information, seeKeyPair: Select an SSH private key file from the ~/.ssh/ directory or another directory on your computer.
Temp KeyPair: A temporary key pair is generated and sent to the instance. The key pair is valid for 1 minute. This method eliminates the need to manage passwords and key files.
Click Connect.
Connect to a managed instance by using Session Manager
You can use Session Manager in Alibaba Cloud Client to connect to instances without specifying passwords or public IP addresses or opening SSH or Remote Desktop Protocol (RDP) ports. Session Manager provides high security and ease of use. For information about how Session Manager works, see Session Manager.
On the homepage of Alibaba Cloud Client, click Managed Instance.
On the top of the managed instance list, select the region of the managed instance to which you want to connect.
Find the instance to which you want to connect. In the Actions column, choose
By default, the ecs-assist-user username is used to connect to the instance.
Deregister a managed instance
After you deregister a managed instance, the instance is removed from the list of managed instances in Alibaba Cloud Client and the list of managed instances on the Managed Instances tab in the Elastic Compute Service (ECS) console.
On the homepage of Alibaba Cloud Client, click Managed Instance.
On the top of the managed instance list, select the region of the managed instance to which you want to connect.
Find the managed instance that you want to deregister. In the Actions column, choose
.Click Deregister Instance.
View the properties of a managed instance
On the homepage of Alibaba Cloud Client, click Managed Instance.
On the top of the managed instance list, select the region of the managed instance to which you want to connect.
Find the managed instance whose properties you want to view. In the Actions column, choose
.You can view the properties of the managed instance, such as the instance name, hostname, operating system, and Cloud Assistant state.
Register a new managed instance
Perform the following steps to create a registration code in Alibaba Cloud Client and generate a script for you to install Cloud Assistant Agent and register a new instance.
On the homepage of Alibaba Cloud Client, click Managed Instance.
On the top of the managed instance list, select the region of the managed instance to which you want to connect.
On the top of the managed instance list, click Register New Instances.
In the Register New Instances dialog box, perform the following operations:
Configure the following parameters to create a registration code:
Instance Name Prefix: Enter a name prefix for managed instances for easy management.
Instances Quota: Enter the number of managed instances. Valid values: 1 to 1000. Default value: 10.
Validity Period: Enter a validity period for the registration code. Unit: hours. If the registration code is not used during its validity period, the code becomes invalid when the validity period ends and you must create another one. Valid values: 1 to 24. Default value: 4.
Source IP Address: Enter an IP address or CIDR block.
If you enter a public IP address, only the server that is assigned the IP address can be registered as a managed server. If you enter a CIDR block, only the servers whose IP addresses are within the specified CIDR block can be registered as managed instances.
If you do not specify this parameter, all servers can be registered as managed instances.
Click Next.
Click a tab based on the operating system type of the servers, copy the generated script, and then click Done.
Subsequently, you must use the script to install Cloud Assistant Agent on the servers and register the servers as managed instances. For more information, see Alibaba Cloud managed instances.
References
You can use Cloud Assistant to manage your managed instances in a password-free, logon-free manner. For more information, see Alibaba Cloud managed instances.
Alibaba Cloud Client can manage Alibaba Cloud managed instances, ECS instances, elastic container instances, and simple application servers.
You can configure the settings of Alibaba Cloud Client based on your business requirements. The settings of Alibaba Cloud Client include shortcut key settings and general settings such as language and color theme. For more information, see Configure the settings of Alibaba Cloud Client.