Elastic Compute Service:ECS quick reference

Purchase and use ECS instances

You can understand the complete lifecycle of an instance, from selection and purchase to usage, operation, maintenance, and eventual release, through the following steps.

1. Understand Instance Families:

   Before purchasing an ECS instance, it's important to familiarize yourself with the features, available options, and suitable use cases for various ECS instance families. This ensures you select an instance family that aligns with your specific business needs. For more information, see instance families.

2. Understand Billing Methods:

   Various billing methods cater to distinct business needs. Subscription is typically ideal for continuous 24/7 services, whereas pay-as-you-go is more appropriate for applications or services experiencing fluctuating business volumes. For more information, see an overview of billing methods.

3. Purchase ECS Instances:

   • Quick purchase one-click subscription: This feature allows you to swiftly acquire a specific ECS instance type and image within minutes. However, it supports only certain configurations, and most options are not customizable.

   • Custom purchase instance enables you to select from a variety of image types, instance types, storage options, bandwidth, security groups, and additional configurations to tailor your cloud resources to your specific business needs.

   For additional details on purchasing instances, see Create Instance.

4. Remote Connection to Instances:

   • You can utilize tools such as Workbench, session management, VNC, among others, to remotely log on and manage ECS instances. For more information, see ECS remote connection methods overview.

   • If you did not set a logon password during the creation of an ECS instance, or if you have forgotten the ECS instance's logon password, you must reset it. For more information, see reset instance logon password.

5. Use ECS to Deploy Common Environments, Websites, Applications, and More:

   • For instructions on uploading or downloading files, see upload or download files.

   • To deploy a basic environment, see setting up the environment.

   • For deploying common website services, refer to setting up a website.

   • To deploy common application services, including databases and code hosting platforms, see how to set up applications.

6. Manage ECS Instance Status:

   • Start instance: If an instance is stopped and is not providing services as expected, you need to start the instance to resume its functionality.

   • Stop instance: To perform certain operations, it is necessary to stop the instance. These operations include changing the instance's operating system, modifying its private IP address, or altering the instance type of a pay-as-you-go instance.

   • Restart instance: Restarting is a routine maintenance procedure for cloud servers, typically used for system updates or to apply and save configuration changes.

7. Release Instance Resources:

   If you no longer require ECS resources, release the instance promptly to prevent incurring additional costs. For more information, see release instance.

Change instance configurations

If the current ECS instance configuration does not meet your business needs, you can modify the instance type (vCPU and memory), public bandwidth configuration, expand cloud disk size, or replace the operating system as needed.

Change instance type

• Upgrade your subscription instance type or downgrade your subscription instance type.

• Switch the Instance Type of a Pay-As-You-Go Instance.

• Change instance type across zones: You can migrate ECS instances to different zones within the same region and alter the instance type, provided it remains within the same instance family (vCPU and memory).

Change bandwidth configuration

• Modify Fixed Public Bandwidth Subscription Instance Bandwidth: If you have a fixed public IP, you can modify both the billing method and the bandwidth value associated with it.

• Temporary Public Bandwidth Upgrade for Subscription Instances (Continuous Period): For subscription instances with temporary high-traffic demands, you can enhance the fixed public bandwidth for a designated continuous period. Once this period concludes, the bandwidth will automatically return to its original setting, helping to prevent unnecessary costs over the long term.

• Change EIP Bandwidth: When using an Elastic IP Address (EIP), you can modify the peak bandwidth and adjust the billing method by altering the EIP bandwidth settings.

Expand cloud disk

To accommodate increased data storage requirements, expand the capacity of your existing cloud disks. For detailed instructions, see the cloud disk expansion guide.

Replace instance operating system

• Replace Operating System (Replace System Disk): Performing this operation will substitute the current system disk and its image. Subsequently, the original system disk will be released, and all data on it will be erased. It is essential to create a snapshot backup of the system disk prior to initiating this process.

• Operating System Migration and Upgrade: If the operating system ceases technical support due to its lifecycle, third-party support changes, or the evolution of open-source plans, you can replace or migrate your ECS instance to a new operating system while preserving the system disk data of the ECS instance.

Manage billing

Switch between billing methods

Optimize costs

Manage data

Use block storage to store operating system and business data for instances, and regularly back up data through snapshots to enhance data reliability.

Block storage

Alibaba Cloud provides block storage for ECS, which includes cloud disks, local disks, and elastic temporary disks. Similar to physical hard disks, you can format these block storage devices and establish file systems on them when using them with ECS instances. For more information, see the block storage overview. The common operations for block storage usage are as follows:

• Create and Use Cloud Disks

  Cloud disks can be attached to ECS instances either as system disks, which store operating system data, or as data disks, which store business data. These cloud disks provide ECS instances with persistent storage capabilities. For detailed instructions, see the guide on creating and using cloud disks.

• Reinitialize Cloud Disks

  To wipe cloud disk data and revert the disk to its original state, you can opt to reinitialize it. For more information, see reinitializing cloud disks.

• Expand Cloud Disks

  Increase the capacity of your existing cloud disks to accommodate greater data storage requirements and prevent data loss from insufficient storage space. For detailed instructions, see the cloud disk expansion guide.

Snapshots

Snapshots create exact replicas of cloud disk data at specific points in time, serving as a crucial component for disaster recovery. They allow you to routinely back up the business data on cloud disks, safeguarding against potential data loss due to accidental deletions, security breaches, or virus infections. For more information, see the snapshot overview.

• Create Manual Snapshots

  It is advisable to create snapshots of cloud disks (both system and data disks) before undertaking significant actions such as rolling back cloud disks, altering critical system files, or replacing operating systems. Doing so provides a safety net, allowing you to use the snapshots to recover data and maintain business continuity should any unexpected issues or data loss arise during these operations.

  For detailed instructions on how to manually create snapshots for an individual cloud disk, see create snapshots.

• Create Automatic Snapshots

  You can set up automatic snapshot policies and link them to your cloud disks. Once linked, Alibaba Cloud will periodically generate snapshot backups for these disks based on the schedule defined in the policy. For detailed instructions, see creating an automatic snapshot policy and applying an automatic snapshot policy to cloud disks.

Manage networks

Building an elastic and scalable intranet environment in the cloud and implementing strict access control are key to network security.

Build VPC network

A Virtual Private Cloud (VPC) on Alibaba Cloud is a customizable private network built to your specifications. You have the flexibility to define your own IP address range, subnets, route tables, and network security policies. VPCs are isolated from each other at Layer 2, ensuring logical separation. By utilizing a VPC, you gain enhanced control over resource access, bolstering your data's security and flexibility. Familiarize yourself with VPC components and learn how to design, establish, and administer your VPCs. For more information, see VPC.

Enable public network

After activating the public network on an instance, it gains the ability to communicate over the Internet. You have the option to allocate a static public IP or associate an Elastic IP Address (EIP) with the instance to facilitate this connectivity. For more information, see enable public network.

VPC intranet access

Intranet access, in contrast to public network access, is fully isolated from external networks, making it ideal for secure and high-speed internal communications. For intranet access, you can utilize private IP addresses or private domain names. For more information, see VPC intranet access.

Improve network performance

Enhance network performance with eRDMA capabilities. Elastic RDMA (eRDMA) is Alibaba Cloud's self-developed elastic RDMA network, combining traditional RDMA network interface card advantages with VPC networks. Experience ultra-low latency and superior performance with eRDMA in the cloud. Methods for using eRDMA include the following:

• Utilize eRDMA with enterprise-level instances.

• For instructions on configuring eRDMA on GPU-accelerated instances, see this guide.

• Utilize eRDMA within Docker containers.

Improve IP management efficiency

Prefix lists can enhance IP management efficiency by consolidating one or more network prefixes (CIDR blocks) into a single set. These lists can be referenced when setting up network rules for various resources, allowing you to include commonly used CIDR blocks and eliminate the need to add multiple rules for different CIDR blocks, thus streamlining operations and maintenance processes.

Prefix lists now support references in security group rule configurations. For detailed instructions, see how to use prefix lists to enhance the efficiency of security group rule management.

Multiple applications multiple IPs

Elastic Network Interfaces (ENIs) enable multiple applications and IPs on a single instance. As virtual network interfaces, ENIs facilitate network connectivity and IP management for ECS instances within VPCs. An ECS instance can be associated with one or more ENIs, which support various IP configurations. This allows instances to serve or access multiple external resources using different IP addresses. For detailed instructions, see how to create and use ENIs.

Security protection

Enhance the security of your instances from various aspects using the features below. For additional security enhancement options, see ECS security.

Security groups

Security groups are virtual firewalls that control inbound and outbound traffic of ECS instances based on security group rules, preventing unauthorized access and intrusions. Learn about the composition and operations of security group rules:

• Security group rule structure includes authorization objects, port ranges, protocol types, and authorization policies, which can either allow or reject access, along with define priorities. For more information, see security group rules.

• To manage inbound and outbound ECS instance traffic and ensure network isolation and communication, you can create security groups and associate them with your ECS instances. For detailed instructions, see creating security groups and associating security groups with instances (primary network interface card).

• Managing security group rules allows you to add, modify, or delete rules within a security group. Any changes to the rules are automatically applied to all ECS instances associated with that security group. For detailed instructions, see managing security group rules.

Application Cases of Security Groups

We offer a variety of application cases for security groups in typical scenarios, illustrating how to set up security group rules to manage your network traffic effectively. For detailed information, see our guide on security group applications and examples.

Key pairs

Key pairs serve as secure login credentials for instances when using Secure Shell Protocol (SSH), offering significantly greater security than traditional user passwords and mitigating the risk of brute-force attacks. You can associate key pairs with instances for password-free access. For detailed instructions, see how to manually bind key pairs for password-free SSH login.

Deployment and elasticity

Resource expansion

Automatically create ECS instances to handle sudden increases in Internet traffic.

• Launch Templates

  Launch templates serve as a rapid deployment mechanism for creating ECS instances, allowing you to store custom configurations. With the ability to maintain multiple versions within each template, you can tailor different parameters for each version. This enables you to swiftly create instances using a chosen version of a desired template.

  For detailed instructions on creating launch templates and using these templates to create ECS instances, see create launch templates and use launch templates to create instances.

• Scaling Groups

  To automatically scale the number of ECS instances in response to fluctuating business demands, configure scaling groups that adjust computing resources accordingly. Create these scaling groups using existing ECS instances. For detailed instructions, see how to create scaling groups based on ECS instances.

Achieve high availability through deployment sets

Deployment sets are a method for organizing ECS instances on physical servers to avoid single points of failure and minimize network latency. Depending on your needs for high availability, network performance, and scale of deployment, you can select suitable deployment strategies. After choosing a strategy, you can establish deployment sets and then create or include ECS instances within these sets. For detailed instructions, see deployment sets.

IaC tools

Use Infrastructure as Code (IaC) tools to create and manage ECS resources more efficiently.

• Resource Orchestration Service (ROS) is an Alibaba Cloud service that streamlines the management of cloud computing resources and automates deployment using the Infrastructure as Code (IaC) approach. By defining the necessary cloud resources in a ROS template, the orchestration engine automatically handles the creation and configuration of resources as per the template, facilitating automated deployment and management.

  You can create stack templates through the ROS console or by using API operations for the rapid creation and management of resources. For detailed instructions, see create stack or API overview. Below are sample templates for frequently used ECS instances and associated resources:

  • You can manage multiple ECS instances using scaling groups.

  • You can create ECS instance groups and attach them to CLB instances.

• Terraform

  Terraform, an open-source Infrastructure as Code (IaC) tool, enables developers to define and provision infrastructure configurations with a declarative language. It simplifies the creation, modification, and deletion of ECS resources, reducing the complexity and potential for errors associated with manual operations, thereby enhancing infrastructure manageability and maintainability.

  You can install and configure Terraform to manage ECS instances. For detailed instructions, see the Terraform reference.

Operations and monitoring

Set alarms for instances

You can activate one-click alarms or configure custom alert rules for ECS instances to quickly identify and address potential risks. For detailed instructions, see setting ECS instance alert rules.

System events

Alibaba Cloud defines system events to log and alert you about the status of cloud resources, enabling you to identify risks and anomalies and facilitate automated operations and maintenance. For more information, see the ECS system events overview.

Automated O&M tools

• For more information, see Cloud Assistant.

  Cloud Assistant is an automated O&M tool for ECS, allowing batch command execution on instances without logging in or using jump servers. Automate tasks, poll processes, install or uninstall software, and apply patches or updates with Cloud Assistant.

• For more information, see CloudOps Orchestration Service (OOS).

  CloudOps Orchestration Service (OOS) is an automated O&M service that manages and executes O&M tasks in the cloud. Create templates to define tasks, sequences, inputs, and outputs, and automate task execution with OOS.

Migration services

With an understanding of ECS capabilities, consider migrating your on-premises services to the cloud.

Migrate to the cloud

You can transfer local physical servers, local virtual machines, or servers from other cloud providers to Alibaba Cloud either by importing custom images or utilizing the Server Migration Center, Alibaba Cloud's dedicated migration platform. For more information, see migrating to the cloud.

Cloud migration

Should you need to transfer Alibaba Cloud ECS instances between accounts or regions due to limited regional resources, cost optimization, disaster recovery, disk resizing, or other considerations, or if you want to migrate Simple Application Servers or Dedicated Host (DDH) to ECS instances, select the migration method that best fits your scenario. For more information, see cloud migration.

Development

Integrate ECS capabilities into your business systems programmatically to streamline operations and reduce management costs. This includes creating instances, modifying configurations, and executing O&M tasks. For more information, see the integration overview.

• Refer to the ECS OpenAPI for ECS operations via OpenAPI.

• Integration methods: ECS allows for cloud resource management via various methods, including SDK and CLI.