use ALIYUN::ECS::Instance to create an ECS instance - Resource Orchestration Service

ALIYUN::ECS::Instance is used to create an Elastic Compute Service (ECS) instance.

Syntax

{
  "Type": "ALIYUN::ECS::Instance",
  "Properties": {
    "DedicatedHostId": String,
    "Period": Number,
    "AutoRenew": String,
    "RamRoleName": String,
    "IoOptimized": String,
    "InternetChargeType": String,
    "PrivateIpAddress": String,
    "KeyPairName": String,
    "SystemDiskDiskName": String,
    "PeriodUnit": String,
    "Description": String,
    "Tags": List,
    "HostName": String,
    "AutoRenewPeriod": Number,
    "ImageId": String,
    "ResourceGroupId": String,
    "InstanceChargeType": String,
    "VSwitchId": String,
    "Password": String,
    "PasswordInherit": Boolean,
    "InstanceType": String,
    "SystemDiskCategory": String,
    "UserData": String,
    "SystemDiskSize": Number,
    "ZoneId": String,
    "InternetMaxBandwidthOut": Integer,
    "VpcId": String,
    "SpotStrategy": String,
    "InstanceName": String,
    "DeletionProtection": Boolean,
    "DeploymentSetId": String,
    "SecurityGroupIds": List,
    "SecurityGroupId": String,
    "SecurityEnhancementStrategy": String,
    "SpotPriceLimit": String,
    "HpcClusterId": String,
    "AllocatePublicIP": Boolean,
    "SystemDiskDescription": String,
    "SystemDiskPerformanceLevel": String,
    "DiskMappings": List,
    "SpotInterruptionBehavior": String,
    "ZoneIds": List,
    "SpotDuration": Integer,
    "CreditSpecification": String,
    "PrivatePoolOptions": Map,
    "StorageSetId": String,
    "HttpTokens": String,
    "HttpEndpoint": String,
    "Tenancy": String,
    "StorageSetPartitionNumber": Integer,
    "DeploymentSetGroupNo": Integer,
    "Affinity": String,
    "UseAdditionalService": Boolean,
    "ImageFamily": String
  }
}

Properties

Property	Type	Required	Editable	Description	Constraint
ResourceGroupId	String	No	Yes	The ID of the resource group.	None.
SpotInterruptionBehavior	String	No	No	The interruption mode of the preemptible instance.	Set the value to Terminate. A value of Terminate specifies that the system directly releases preemptible instances. Default value: Terminate.
ZoneIds	List	No	No	The zone IDs.	None.
SpotDuration	Integer	No	No	The protection period of the preemptible instance.	Valid values: 0 to 6. Unit: hour. 0: If you set this property to 0, the preemptible instance does not have a protection period. 2 to 6: The retention periods of 2, 3, 4, 5, and 6 hours are in invitational preview. If you want to set this property to one of the values, submit a ticket. 1 (default).
SecurityGroupIds	List	No	No	The IDs of the security groups.	You must specify SecurityGroupId or SecurityGroupIds.
ImageId	String	No	Yes	The image ID. You can use a public image, a custom image, or an Alibaba Cloud Marketplace image.	Public images support fuzzy match. To specify a public image, you can enter a partial image ID. Examples: If you enter ubuntu, the system matches it with the following image ID: ubuntu16_0402_64_20G_alibase_20170818.vhd. If you enter ubuntu_14, the system matches it with the following image ID: ubuntu_14_0405_64_20G_alibase_20170824.vhd. If you enter ubuntu1432, the system matches it with the following image ID: ubuntu_14_0405_32_40G_alibase_20170711.vhd. If you enter ubuntu_16_0402_32, the system matches it with the following image ID: ubuntu_16_0402_32_40G_alibase_20170711.vhd.
InstanceType	String	Yes	Yes	The ECS instance type.	For more information about ECS instance types, see Overview of instance families.
SecurityGroupId	String	No	No	The ID of the security group.	You must specify SecurityGroupId or SecurityGroupIds.
SecurityEnhancementStrategy	String	No	No	Specifies whether to enable security hardening.	Valid values: Active: enables security hardening. This value is valid only for public images. Deactive (default): disables security hardening. This value is valid for images of all types.
Description	String	No	Yes	The description.	The description must be 2 to 256 characters in length.
InstanceName	String	No	Yes	The instance name.	The name must be 2 to 128 characters in length. The name must start with a letter and cannot start with `http://` or `https://`. The name can contain letters, digits, colons (:), underscores (_), and hyphens (-). If you leave this property empty, the instance ID is used by default.
Password	String	No	Yes	The password that you want to use to log on to the ECS instance.	The password must be 8 to 30 characters in length. The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. The following special characters are supported: `( ) ' ~ ! @ # $ % ^ & * - + = \| { } [ ] : ; < > , . ? / -`. If you specify this property, we recommend that you call Resource Orchestration Service (ROS) API operations over HTTPS to prevent the exposure of your password.
PasswordInherit	Boolean	No	No	Specifies whether to use the preset password of the image.	Valid values: true false (default) Note If you set this property to true, you must leave Password empty and make sure that the selected image has a preset password.
HostName	String	No	Yes	The hostname of the ECS instance.	The hostname must be at least two characters in length. The hostname cannot start or end with a period (.) or hyphen (-), or contain consecutive periods (.) or hyphens (-). For Windows instances, the hostname can be up to 15 characters in length, and can contain letters, digits, and hyphens (-). The hostname cannot contain periods (.) or only digits. For other instances such as Linux instances, the hostname can be up to 30 characters in length, and can contain letters, digits, and hyphens (-). Separate multiple segments in the hostname with periods (.).
AllocatePublicIP	Boolean	No	No	Specifies whether to assign a public IP address.	Valid values: true (default) false Note If you set InternetMaxBandwidthOut to a value that is greater than 0, the system assigns a public IP address.
PrivateIpAddress	String	No	No	The private IP address of the ECS instance in a virtual private cloud (VPC).	The specified IP address must not be used by other instances in the VPC.
InternetChargeType	String	No	Yes	The metering method for Internet usage.	Valid values: PayByBandwidth PayByTraffic (default)
InternetMaxBandwidthOut	Integer	No	Yes	The maximum outbound public bandwidth.	Valid values: 0 to 100. Default value: 0. Unit: Mbit/s.
IoOptimized	String	No	No	Specifies whether to create an I/O optimized instance.	Valid values: none: does not create an I/O optimized instance. optimized (default): creates an I/O optimized instance.
DiskMappings	List	No	Yes	The data disks that you want to attach to the ECS instance.	You can attach up to 16 data disks. For more information, see DiskMappings syntax and DiskMappings properties.
SystemDiskCategory	String	No	Yes	The category of the system disk.	Valid values: cloud: basic disk cloud_ssd: standard SSD cloud_efficiency: ultra disk cloud_essd: enhanced SSD (ESSD) ephemeral_ssd: local SSD For non-I/O optimized instances of a retired instance type, the default value is cloud. For instances of other types, the default value is cloud_efficiency.
SystemDiskDescription	String	No	No	The description of the system disk.	None.
SystemDiskDiskName	String	No	No	The name of the system disk.	The name must be 2 to 128 characters in length. The name must start with a letter and cannot start with `http://` or `https://`. The name can contain letters, digits, colons (:), underscores (_), and hyphens (-).
SystemDiskSize	Number	No	Yes	The size of the system disk.	Valid values: 20 to 500. Unit: GB. If you use a custom image to create a system disk, you must make sure that the size of the system disk is larger than the size of the custom image.
Tags	List	No	Yes	The custom tags that you want to add to the ECS instance.	You can specify up to 20 tags in the following format: `[{"Key": "tagKey", "Value": "tagValue"},{"Key": "tagKey2", "Value": "tagValue2"}]`. For more information, see Tags syntax and Tags properties.
UserData	String	No	Yes	The user data that you want to specify when you create the ECS instance.	The user data can be up to 16 KB in size. You do not need to convert the data into Base64-encoded strings. If the user data contains special characters, you must add the escape character (\) before each special character.
ZoneId	String	No	No	The zone ID.	None.
HpcClusterId	String	No	No	The ID of the Elastic High Performance Computing (E-HPC) cluster to which the ECS instance belongs.	None.
VpcId	String	No	No	The VPC ID.	None.
VSwitchId	String	No	No	The vSwitch ID.	None.
InstanceChargeType	String	No	No	The billing method of the ECS instance.	Valid values: PrePaid: subscription. If you set this property to PrePaid, you must make sure that your account has sufficient balance. If your account does not have sufficient balance, the ECS instance fails to be created. PostPaid (default): pay-as-you-go.
Period	Number	No	No	The billing cycle of the ECS instance.	Period is required when InstanceChargeType is set to PrePaid. Period is optional when InstanceChargeType is set to PostPaid.
KeyPairName	String	No	Yes	The name of the key pair that you want to use to log to the ECS instance.	For ECS Windows instances, you can ignore KeyPairName. For ECS Linux instances, password-based logons are disabled during initialization. To enhance the security of the instance, we recommend that you use key pairs for logons.
RamRoleName	String	No	No	The name of the Resource Access Management (RAM) role for the ECS instance.	For more information, see CreateRole and ListRoles.
SpotPriceLimit	String	No	No	The maximum hourly price of the ECS instance.	The value of this property can contain up to three decimal places. This property takes effect when SpotStrategy is set to SpotWithPriceLimit.
SpotStrategy	String	No	No	The bidding policy for the pay-as-you-go instance.	You must specify this property when InstanceChargeType is set to PostPaid. Valid values: NoSpot (default): The instance is created as a regular pay-as-you-go instance. SpotWithPriceLimit: The instance is created as a preemptible instance that has a user-defined maximum hourly price. SpotAsPriceGo: The instance is created as a preemptible instance whose bidding price is based on the market price at the time of purchase. The market price can be up to the pay-as-you-go price.
DedicatedHostId	String	No	No	The ID of the dedicated host on which you want to create the ECS instance.	You can call the DescribeDedicatedHosts operation to query the IDs of dedicated hosts. You cannot create preemptible instances on dedicated hosts. If you specify this property, the system ignores SpotStrategy and SpotPriceLimit in the request.
PeriodUnit	String	No	No	The unit of the subscription duration.	Valid values: Week Month (default)
AutoRenewPeriod	Number	No	No	The auto-renewal period.	You must specify this property when AutoRenew is set to True. Valid values when PeriodUnit is set to Week: 1, 2, and 3. Valid values when PeriodUnit is set to Month: 1, 2, 3, 6, and 12.
AutoRenew	String	No	No	Specifies whether to enable auto-renewal.	Valid values: True False (default) You must specify this property when InstanceChargeType is set to PrePaid.
DeletionProtection	Boolean	No	Yes	The deletion protection property for the ECS instance. You can use this property to specify whether you can delete the ECS instance in the ECS console or by calling the DeleteInstance operation.	Valid values: true: enables the deletion protection property for the ECS instance. false (default): disables the deletion protection property for the ECS instance. Note This property takes effect only for pay-as-you-go instances. This property can protect instances against manual deletion, but cannot protect instances against automatic deletion.
DeploymentSetId	String	No	No	The ID of the deployment set.	None.
SystemDiskPerformanceLevel	String	No	Yes	The performance level (PL) of the ESSD that you want to use as the system disk.	Valid values: PL0: An ESSD delivers up to 10,000 random read/write IOPS. PL1 (default): An ESSD delivers up to 50,000 random read/write IOPS. PL2: An ESSD delivers up to 100,000 random read/write IOPS. PL3: An ESSD delivers up to 1,000,000 random read/write IOPS. For more information about how to select the PL of the ESSD, see ESSDs.
CreditSpecification	String	No	Yes	The performance mode of the burstable instance.	Valid values: Standard: standard mode. For more information, see the "Standard mode" section of the Overview topic. Unlimited: unlimited mode. For more information, see the "Unlimited mode" section of the Overview topic.
PrivatePoolOptions	Map	No	No	The options of the private pool to use to start the ECS instance.	For more information, see PrivatePoolOptions properties.
StorageSetId	String	No	No	The ID of the storage set.	None.
HttpTokens	String	No	Yes	Specifies whether to forcefully use the security hardening mode (IMDSv2) to access the instance metadata.	Valid values: optional (default): does not forcefully use the security hardening mode (IMDSv2) to access the instance metadata. required: forcefully uses the security hardening mode (IMDSv2) to access the instance metadata. After you set this property to required, you cannot access the instance metadata in normal mode. Note For more information about the access modes of instance metadata, see Access mode of instance metadata.
HttpEndpoint	String	No	Yes	Specifies whether to enable the access channel for the instance metadata.	Valid values: enabled (default) disabled Note For more information about instance metadata, see Overview of ECS instance metadata.
Tenancy	String	No	No	Specifies whether to create the instance on a dedicated host.	Valid values: default (default): does not create the instance on a dedicated host. host: creates the instance on a dedicated host. If you do not specify `DedicatedHostId`, Alibaba Cloud selects a dedicated host for the instance.
StorageSetPartitionNumber	Integer	No	No	The maximum number of partitions in the storage set.	The value must be greater than or equal to 2.
DeploymentSetGroupNo	Integer	No	No	The group number of the deployment set group to which to deploy the instance. If the deployment set specified by DeploymentSetId uses the high availability group strategy (AvailabilityGroup), you can use DeploymentSetGroupNo to specify a deployment set group in the deployment set.	Valid values: 1 to 7.
Affinity	String	No	No	Specifies whether to associate the instance on a dedicated host with the dedicated host.	Valid values: default (default): does not associate the instance on a dedicated host with the dedicated host. When you start an instance that was stopped in economical mode and the original dedicated host of the instance has insufficient resources, the instance is deployed to another dedicated host in the automatic deployment resource pool. host: associates the instance on a dedicated host with the dedicated host. When you start an instance that was stopped in economical mode, the instance remains on the original dedicated host. If the original dedicated host of the instance has insufficient resources, the instance fails to be started.
UseAdditionalService	Boolean	No	No	Specifies whether to use the system configurations for virtual machines. Alibaba Cloud provides the Network Time Protocol (NTP) and Key Management Service (KMS) system configurations for Windows and the NTP and Yellowdog Updater, Modified (YUM) system configurations for Linux.	Valid values: true false
ImageFamily	String	No	No	The name of the image family.	You can specify this property to query the latest available image that belongs to the specified image family and use the image to create an instance. If you specify `ImageId`, you cannot specify ImageFamily. If you do not specify `ImageId` but use `LaunchTemplateId` or `LaunchTemplateName` to specify a launch template that has `ImageId` specified, you cannot specify ImageFamily. If you do not specify `ImageId` but use `LaunchTemplateId` or `LaunchTemplateName` to specify a launch template that does not have `ImageId` specified, you can specify ImageFamily. If you do not specify `ImageId` and do not specify `LaunchTemplateId` or `LaunchTemplateName`, you can specify ImageFamily. Note For more information about the image families that are associated with Alibaba Cloud official images, see Overview.

DiskMappings syntax

"DiskMappings": [
  {
    "Category": String,
    "DiskName": String,
    "Description": String,
    "Device": String,
    "SnapshotId": String,
    "PerformanceLevel": String,
    "Size": String
  }
]

DiskMappings properties

Property	Type	Required	Editable	Description	Constraint
Size	String	Yes	No	The size of the data disk.	Valid values: 20 to 500. Unit: GB.
Category	String	No	No	The category of the data disk.	Valid values: cloud: basic disk cloud_ssd: standard SSD cloud_essd: ESSD cloud_efficiency: ultra disk ephemeral_ssd: local SSD For I/O optimized instances, the default value is cloud_efficiency. For non-I/O optimized instances, the default value is cloud. If a custom image contains a data disk, you can change the disk category by setting Category to a desired data disk category in a ROS template when you create an ECS instance. Sample template: { "ROSTemplateFormatVersion": "2015-09-01", "Resources": { "Instance": { "Type": "ALIYUN::ECS::Instance", "Properties": { "InstanceName": "rostest", "ImageId": "m-2ze5ysugu8ss7nxr**", "InstanceType": "ecs.g6e.large", "Password": "Ros1", "IoOptimized": "optimized", "VSwitchId": "vsw-2zej7phc6euuelo8l", "VpcId": "vpc-2zebbi27bn7w42n30", "SecurityGroupId": "sg-2ze5bdyyg7sfrcv6**", "SystemDiskCategory": "cloud_essd", "DiskMappings": [ { "Category": "cloud_essd", "Size": 40, "Device": "/dev/xvdb" } ] } } } }
DiskName	String	No	No	The name of the data disk.	The name must be 2 to 128 characters in length. The name must start with a letter and cannot start with `http://` or `https://`. The name can contain letters, digits, underscores (_), colons (:), and hyphens (-).
Description	String	No	No	The description.	The description must be 2 to 256 characters in length, and cannot start with `http://` or `https://`.
Device	String	No	No	The mount target.	None.
PerformanceLevel	String	No	No	The PL of the ESSD that you want to use as the data disk.	Valid values: PL1 (default): An ESSD delivers up to 50,000 random read/write IOPS. PL2: An ESSD delivers up to 100,000 random read/write IOPS. PL3: An ESSD delivers up to 1,000,000 random read/write IOPS. For more information about how to select the PL of the ESSD, see ESSDs.
SnapshotId	String	No	No	The ID of the snapshot that you want to use for the data disk.	None.

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

Property	Type	Required	Editable	Description	Constraint
Key	String	Yes	No	The tag key.	The tag key must be 1 to 128 characters in length, and cannot contain `http://` or `https://`. The tag key cannot start with `aliyun` or `acs:`.
Value	String	No	No	The tag value.	The tag value can be up to 128 characters in length, and cannot contain `http://` or `https://`. The tag value cannot start with `aliyun` or `acs:`.

PrivatePoolOptions syntax

"PrivatePoolOptions": [
  {
    "Id": String,
    "MatchCriteria": String
  }
]

PrivatePoolOptions properties

Property

Type

Required

Editable

Description

Constraint

String

The ID of the private pool. The ID of a private pool is the same as the ID of the elasticity assurance or capacity reservation for which the private pool is generated.

None.

MatchCriteria

String

The type of the private pool to use to start the instance. A private pool is generated after an elasticity assurance or a capacity reservation takes effect.

Valid values:

Open: open private pool. The system uses the capacity in a matching open private pool. If no matching open private pool exists, the system uses the capacity in public pools. When you set this property to Open, you do not need to specify PrivatePoolOptions.Id.
Target: specified private pool. The system uses the capacity in a specified private pool. If no capacity is available in the specified private pool, the instance fails to be started. When you set this property to Target, you must specify PrivatePoolOptions.Id.
None (default): no private pool. The system does not use the capacity in private pools.

PrivatePoolOptions.MatchCriteria must be set to None or left empty in the following scenarios:

Create a preemptible instance.
Create an instance in the classic network.
Create an instance on a dedicated host.

Return values

Fn::GetAtt

InstanceId: the ID of the ECS instance. The instance ID is a GUID that is generated by the system for an instance.
PrivateIp: the private IP address of the ECS instance in a VPC.
InnerIp: the private IP address of the ECS instance in the classic network.
PublicIp: the public IP address of the ECS instance in the classic network.
ZoneId: the zone ID of the ECS instance.
HostName: the hostname of the ECS instance.
PrimaryNetworkInterfaceId: the ID of the primary elastic network interface (ENI) that is attached to the ECS instance.
SecurityGroupIds: the IDs of the security groups to which the ECS instance belongs.

Examples

The following sample code provides examples on how to create the OpsEcsInstance and ProdEcsInstance ECS instances and configure the password-free logon of the OpsEcsInstance instance for the ProdEcsInstance instance.

If you want to receive signals of the execution results of user-data scripts of the ECS instances, you can configure ALIYUN::ROS::WaitCondition and ALIYUN::ROS::WaitConditionHandle. For more information, see ALIYUN::ROS::WaitConditionHandle and ALIYUN::ROS::WaitCondition.

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Description: Creates VPC ECS instance
Metadata: {}
Parameters:
  VpcId:
    AssociationProperty: ALIYUN::ECS::VPC::VPCId
    Type: String
    Description:
      en: Please search the ID starting with (vpc-xxx) from console-Virtual Private Cloud
       
    Label:
      en: VPC ID
       
  VSwitchZoneId:
    AssociationProperty: ALIYUN::ECS::Instance:ZoneId
    Type: String
    Description:
        
      en: Zone ID.<br><b>Note:<font color='blue'>Before you specify a zone ID, check whether the specifications of the ECS instance are available in the zone. We recommend that you select a zone in which the specified vSwitch does not reside.</font></b>
    Label:
       
      en: VSwitch Availability Zone
  VSwitchId:
    AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
      ZoneId: ${VSwitchZoneId}
    Type: String
    Description:
      en: Instance ID of existing business network switches, console-Virtual Private Cloud-VSwitches under query
       
    Label:
      en: VSwitch ID
       
  SecurityGroupId:
    Type: String
    AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
    Description:
      en: Please search the business security group ID starting with(sg-xxx)from console-ECS-Network & Security
       
    Label:
      en: Business Security Group ID
       
  InstanceType:
    Type: String
    Description:
       
      en: Fill in the specifications that can be used under the VSwitch availability zone.
    Label:
       
      en: Instance Type
    AssociationProperty: ALIYUN::ECS::Instance::InstanceType
    AssociationPropertyMetadata:
      ZoneId: ${VSwitchZoneId}
  SystemDiskCategory:
    Type: String
    AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
    AssociationPropertyMetadata:
      ZoneId: ${VSwitchZoneId}
      InstanceType: ${InstanceType}
    Label:
      en: System Disk Type
       
    Description:
      en: '<font color=''blue''><b>Optional values:</b></font><br>[cloud_efficiency: <font color=''green''>Efficient Cloud Disk</font>]<br>[cloud_ssd: <font color=''green''>SSD Cloud Disk</font>]<br>[cloud_essd: <font color=''green''>ESSD Cloud Disk</font>]<br>[cloud: <font color=''green''>Cloud Disk</font>]<br>[ephemeral_ssd: <font color=''green''>Local SSD Cloud Disk</font>]'
       
  SystemDiskSize:
    Default: 40
    Type: Number
    Description:
       
      en: 'System disk size, range of values: 40-500, units: GB.'
    Label:
       
      en: System Disk Space
Resources:
  OpsEcsInstance:
    Type: ALIYUN::ECS::Instance
    Properties:
      HostName: OpsEcsInstance
      UserData:
        Fn::Sub:
          - |
            #!/bin/bash
            RootPassword=${RootPassword}
            ProdIP=${ProdIP}
            SSHConfig() {
            echo '[ ! -f /root/.ssh/id_rsa.pub ] && ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa &>/dev/null' >> /tmp/auto_ssh.sh
            echo 'while read line;do' >> /tmp/auto_ssh.sh
            echo '        ip=`echo $line | cut -d " " -f1`' >> /tmp/auto_ssh.sh
            echo '        user_name=`echo $line | cut -d " " -f2`' >> /tmp/auto_ssh.sh
            echo '        pass_word=`echo $line | cut -d " " -f3`' >> /tmp/auto_ssh.sh
            echo 'expect <<EOF' >> /tmp/auto_ssh.sh
            echo '        spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $user_name@$ip' >> /tmp/auto_ssh.sh
            echo '        expect {' >> /tmp/auto_ssh.sh
            echo '                  "yes/no" { send "yes\n";exp_continue}' >> /tmp/auto_ssh.sh
            echo '                  "password" { send "$pass_word\n"}' >> /tmp/auto_ssh.sh
            echo '        }' >> /tmp/auto_ssh.sh
            echo '        expect eof' >> /tmp/auto_ssh.sh
            echo 'EOF' >> /tmp/auto_ssh.sh
            echo 'done < /tmp/host_ip.txt' >> /tmp/auto_ssh.sh
            }
            SetHostsConfig() {
            echo "`ifconfig eth0 | awk '/inet /{print $2}'` root ${RootPassword}" >> /tmp/host_ip.txt
            echo "${ProdIP} root ${RootPassword}" >> /tmp/host_ip.txt
            sh /tmp/auto_ssh.sh
            }
            main() {
            yum install -y expect
            SSHConfig
            SetHostsConfig
            rm -rf /tmp/host_ip.txt
            }
            main
          - ProdIP:
              Fn::GetAtt:
                - ProdEcsInstance
                - PrivateIp
            RootPassword: Admin@123!
      VpcId:
        Ref: VpcId
      SecurityGroupId:
        Ref: SecurityGroupId
      VSwitchId:
        Ref: VSwitchId
      ImageId: centos_7
      AllocatePublicIP: false
      InstanceType:
        Ref: InstanceType
      SystemDiskSize: 40
      SystemDiskCategory:
        Ref: SystemDiskCategory
      Password: Admin@123!
  ProdEcsInstance:
    Type: ALIYUN::ECS::Instance
    Properties:
      HostName: ProdEcsInstance
      SystemDiskCategory:
        Ref: SystemDiskCategory
      VpcId:
        Ref: VpcId
      SecurityGroupId:
        Ref: SecurityGroupId
      SystemDiskSize: 40
      ImageId: centos_7
      VSwitchId:
        Ref: VSwitchId
      Password: Admin@123!
      InstanceType:
        Ref: InstanceType
      AllocatePublicIP: false
Outputs: {}

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Creates VPC ECS instance",
  "Metadata": {},
  "Parameters": {
    "VpcId": {
      "AssociationProperty": "ALIYUN::ECS::VPC::VPCId",
      "Type": "String",
      "Description": {
        "en": "Please search the ID starting with (vpc-xxx) from console-Virtual Private Cloud",
         
      },
      "Label": {
        "en": "VPC ID",
         
      }
    },
    "VSwitchZoneId": {
      "AssociationProperty": "ALIYUN::ECS::Instance:ZoneId",
      "Type": "String",
      "Description": {
          
        "en": "Zone ID.<br><b>Note:<font color='blue'>Before you specify a zone ID, check whether the specifications of the ECS instance are available in the zone. We recommend that you select a zone in which the vSwitch that you specify does not reside.</font></b>"
      },
      "Label": {
         
        "en": "VSwitch Availability Zone"
      }
    },
    "VSwitchId": {
      "AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
      "AssociationPropertyMetadata": {
        "VpcId": "${VpcId}",
        "ZoneId": "${VSwitchZoneId}"
      },
      "Type": "String",
      "Description": {
        "en": "Instance ID of existing business network switches, console-Virtual Private Cloud-VSwitches under query",
         
      },
      "Label": {
        "en": "VSwitch ID",
         
      }
    },
    "SecurityGroupId": {
      "Type": "String",
      "AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
      "AssociationPropertyMetadata": {
        "VpcId": "${VpcId}"
      },
      "Description": {
        "en": "Please search the business security group ID starting with(sg-xxx)from console-ECS-Network & Security",
         
      },
      "Label": {
        "en": "Business Security Group ID",
         
      }
    },
    "InstanceType": {
      "Type": "String",
      "Description": {
         
        "en": "Fill in the specifications that can be used under the VSwitch availability zone."
      },
      "Label": {
         
        "en": "Instance Type"
      },
      "AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
      "AssociationPropertyMetadata": {
        "ZoneId": "${VSwitchZoneId}"
      }
    },
    "SystemDiskCategory": {
      "Type": "String",
      "AssociationProperty": "ALIYUN::ECS::Disk::SystemDiskCategory",
      "AssociationPropertyMetadata": {
        "ZoneId": "${VSwitchZoneId}",
        "InstanceType": "${InstanceType}"
      },
      "Label": {
        "en": "System Disk Type",
         
      },
      "Description": {
        "en": "<font color='blue'><b>Optional values:</b></font><br>[cloud_efficiency: <font color='green'>Efficient Cloud Disk</font>]<br>[cloud_ssd: <font color='green'>SSD Cloud Disk</font>]<br>[cloud_essd: <font color='green'>ESSD Cloud Disk</font>]<br>[cloud: <font color='green'>Cloud Disk</font>]<br>[ephemeral_ssd: <font color='green'>Local SSD Cloud Disk</font>]",
         
      }
    },
    "SystemDiskSize": {
      "Default": 40,
      "Type": "Number",
      "Description": {
         
        "en": "System disk size, range of values: 40-500, units: GB."
      },
      "Label": {
         
        "en": "System Disk Space"
      }
    }
  },
  "Resources": {
    "OpsEcsInstance": {
      "Type": "ALIYUN::ECS::Instance",
      "Properties": {
        "HostName": "OpsEcsInstance",
        "UserData": {
          "Fn::Sub": [
            "#!/bin/bash\nRootPassword=${RootPassword}\nProdIP=${ProdIP}\nSSHConfig() {\necho '[ ! -f /root/.ssh/id_rsa.pub ] && ssh-keygen -t rsa -P \"\" -f ~/.ssh/id_rsa &>/dev/null' >> /tmp/auto_ssh.sh\necho 'while read line;do' >> /tmp/auto_ssh.sh\necho '        ip=`echo $line | cut -d \" \" -f1`' >> /tmp/auto_ssh.sh\necho '        user_name=`echo $line | cut -d \" \" -f2`' >> /tmp/auto_ssh.sh\necho '        pass_word=`echo $line | cut -d \" \" -f3`' >> /tmp/auto_ssh.sh\necho 'expect <<EOF' >> /tmp/auto_ssh.sh\necho '        spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $user_name@$ip' >> /tmp/auto_ssh.sh\necho '        expect {' >> /tmp/auto_ssh.sh\necho '                  \"yes/no\" { send \"yes\\n\";exp_continue}' >> /tmp/auto_ssh.sh\necho '                  \"password\" { send \"$pass_word\\n\"}' >> /tmp/auto_ssh.sh\necho '        }' >> /tmp/auto_ssh.sh\necho '        expect eof' >> /tmp/auto_ssh.sh\necho 'EOF' >> /tmp/auto_ssh.sh\necho 'done < /tmp/host_ip.txt' >> /tmp/auto_ssh.sh\n}\nSetHostsConfig() {\necho \"`ifconfig eth0 | awk '/inet /{print $2}'` root ${RootPassword}\" >> /tmp/host_ip.txt\necho \"${ProdIP} root ${RootPassword}\" >> /tmp/host_ip.txt\nsh /tmp/auto_ssh.sh\n}\nmain() {\nyum install -y expect\nSSHConfig\nSetHostsConfig\nrm -rf /tmp/host_ip.txt\n}\nmain\n",
            {
              "ProdIP": {
                "Fn::GetAtt": [
                  "ProdEcsInstance",
                  "PrivateIp"
                ]
              },
              "RootPassword": "Admin@123!"
            }
          ]
        },
        "VpcId": {
          "Ref": "VpcId"
        },
        "SecurityGroupId": {
          "Ref": "SecurityGroupId"
        },
        "VSwitchId": {
          "Ref": "VSwitchId"
        },
        "ImageId": "centos_7",
        "AllocatePublicIP": false,
        "InstanceType": {
          "Ref": "InstanceType"
        },
        "SystemDiskSize": 40,
        "SystemDiskCategory": {
          "Ref": "SystemDiskCategory"
        },
        "Password": "Admin@123!"
      }
    },
    "ProdEcsInstance": {
      "Type": "ALIYUN::ECS::Instance",
      "Properties": {
        "HostName": "ProdEcsInstance",
        "SystemDiskCategory": {
          "Ref": "SystemDiskCategory"
        },
        "VpcId": {
          "Ref": "VpcId"
        },
        "SecurityGroupId": {
          "Ref": "SecurityGroupId"
        },
        "SystemDiskSize": 40,
        "ImageId": "centos_7",
        "VSwitchId": {
          "Ref": "VSwitchId"
        },
        "Password": "Admin@123!",
        "InstanceType": {
          "Ref": "InstanceType"
        },
        "AllocatePublicIP": false
      }
    }
  },
  "Outputs": {}
}