Elastic Compute Service (ECS) is an IaaS offering on Alibaba Cloud that provides high-performance, stable, reliable, and scalable compute capacity in the cloud. ECS eliminates your need to invest in hardware up front. You can create as many or as few instances as you need in response to changes in requirements or popularity of your workloads. With an ever-growing selection of instance types, ECS provides broader and deeper choices to match a wide spectrum of computing needs.
ECS provides the following competitive advantages:
Helps you avoid having to make upfront investments in IT infrastructure that may be tied up for years.
Provisions virtual computing environments (known as instances) in minutes, allowing you to quickly set up and start developing or deploying your applications.
Interconnects to a worldwide network of Border Gateway Protocol (BGP)-based and non-BGP-based data centers, allowing you to deploy your applications anywhere in the world.
Supplies compute capacity on demand at transparent prices and allows you to scale in or out in response to your business requirements.
Provides various instances such as GPU-accelerated instances, FPGA-accelerated instances, ECS bare metal instances, and x86-based instances to help strike the optimal compute, memory, storage, and networking balance for your workloads.
Interconnects with a variety of other Alibaba Cloud services over the internal network, allowing you to build diversified solutions for a range of scenarios while saving on outbound public bandwidth.
Leverages a host of security features such as virtual firewalls, role-based permission control, internal network isolation, anti-virus protection, and traffic monitoring to protect data and resources, as well as improve your security posture.
Comes with a performance monitoring framework and an active O&M system.
Provides standardized APIs that work with Alibaba Cloud resources and some third-party resources.
Service architecture of ECS
ECS provides various features and components, including instances, images, security groups, and Elastic Block Storage (EBS) devices, for use in different networks. The following figure shows the service architecture of ECS. For information about the features and components shown in the figure, see Terms.
For more information, visit the Elastic Compute Service product page.
Billing for ECS
In ECS, compute resources (vCPUs and memory), images, EBS devices, public bandwidth, and snapshots are the resources that you need to pay for.
ECS supports multiple billing methods for resources:
Subscription: Subscription instances are resources that you secure for an extended period of time for an upfront payment.
Pay-as-you-go: Pay-as-you-go instances allow you to pay only for the resources that you use without making prior commitments or upfront payments.
Preemptible instance: Preemptible instances are unused ECS capacity in Alibaba Cloud. You can purchase preemptible instances at steep discounts, but these instances may be reclaimed by Alibaba Cloud with a short notice.
Reserved instance: Reserved instances are a billing discount applied to the use of pay-as-you-go instances in your account and provide significant savings compared to pay-as-you-go pricing. Pay-as-you-go instances must match the attributes (including instance type, region, and zone) of a reserved instance to benefit from the billing discount.
Savings plan: Savings plans are a flexible pricing model that offers lower prices on pay-as-you-go instances. Savings plans can be applied to ECS resources such as compute resources and disks, and offer savings on the pay-as-you-go rate on these resources in exchange for a commitment to use a specific amount (measured in USD/hour) within a specific timeframe.
Storage capacity unit (SCU): SCUs are resource plans that provide lower prices for pay-as-you-go storage resources. When you purchase SCUs, you make a commitment to use storage resources of a specific type and capacity in exchange for a lower price. SCUs can be applied to EBS devices, Apsara File Storage NAS file systems, and Object Storage Service (OSS) buckets.
After you create an Alibaba Cloud account, you can log on to Alibaba Cloud and start using ECS. To cater to a wide range of preferences, Alibaba Cloud provides a wide range of options that you can use to access ECS:
ECS console: the web-based user interface provided by Alibaba Cloud. For information about the operations that you can perform in the ECS console, see Quick reference.
ECS API: a Remote Procedure Call (RPC) API that supports GET and POST requests. For more information, see API Reference. You can use the following developer tools or services to call ECS API operations:
Resource Orchestration Service (ROS): an Alibaba Cloud service that you can use to create and configure Alibaba Cloud resources based on user-defined templates.
Operation Orchestration Service (OOS): an Alibaba Cloud service that you can use to manage and execute O&M tasks. You can define items such as tasks, task steps, inputs, and outputs in execution templates and use the templates to automate O&M tasks.
Terraform: an open source tool that can help you implement version control on configuration files or use them to call compute resources of Alibaba Cloud and other platforms that support Terraform.
Alibaba Cloud Client: a client provided by Alibaba Cloud that can be used to query, view, and connect to ECS instances, elastic container instances, simple application servers, and managed instances.
Best practices for ECS
To maximize the benefits of ECS, we recommend that you follow the best practices described in this section.
Alibaba Cloud ECS is available in multiple locations across the world. These locations are classified into regions and zones. Regions are geographical areas in which Alibaba Cloud data centers reside and provide services. Zones are discrete locations within a region with independent power and networking capacities. When you create an ECS instance, you can select the region and zone in which the instance is created. However, after the instance is created, you cannot change the region in which the instance resides. Hence, we recommend that you take the factors unique to your business requirements into account when selecting the region in which you want to deploy your instances. Factors that may influence this decision include where your customers reside, whether Alibaba Cloud services you want to use with ECS are available, whether you have high availability requirements, and whether you want to access other services over the internal network. For example, if you want to access an ApsaraDB RDS instance over the internal network from your ECS instance, make sure both instances are deployed in the same region. For more information, see Regions and zones.
To ensure business consistency and continuity, create snapshots to back up data, deploy critical components of applications across multiple zones, and use deployment sets and Server Load Balancer (SLB) for disaster recovery.
Alibaba Cloud VPC allows you to deploy ECS instances in a logically isolated virtual networking environment exclusive to your account. You have full control over the network topology in your VPCs, and can assign private IP addresses to your ECS instances in the VPCs. Alibaba Cloud VPC is compatible with all ECS instance types and features, and is useful for isolating applications or interconnecting services that span multiple regions. For more information, see What is a VPC?
Security groups serve as virtual firewalls for your ECS instances, and allow you to control inbound and outbound traffic, as well as configure port listening settings. Security groups are provided at no extra cost to you. For more information, see Overview.
Alibaba Cloud provides free basic security and attack mitigation services in the form of Anti-DDoS Origin Basic and Alibaba Cloud Security Center Basic. These services secure applications deployed on your ECS instances. For more information, see Anti-DDoS Origin Basic and Basic security services.
Anti-DDoS Origin Basic provides a DDoS mitigation capacity of up to 5 Gbit/s and is enabled by default. For more advanced DDoS mitigation capabilities, you can opt to purchase an Anti-DDoS Pro or Anti-DDoS Premium instance. For more information, see What are Anti-DDoS Pro and Anti-DDoS Premium?
Security Center Basic provides basic security services. It also provides basic security hardening capabilities such as unusual logon detection, vulnerability scan, and baseline check. You can upgrade your Security Center to the Anti-virus, Advanced, or Enterprise edition to obtain more security features and further increase the security of your ECS instances. For more information, see What is Security Center?