What is ECS API?

ECS API is an open-source remote procedure call (RPC) API that provides API services to Alibaba Cloud users. You can use this API to manage and use ECS instances. The following figure shows the path along which a request is forwarded to call an API. For more information about how to use the ECS API, see Quick start for ECS APIs.

Error code InvalidDataDiskCategory.NotSupported is returned when I try to create an ECS instance. What can I do?

  • Problem description: After you call the RunInstances operation to create an ECS instance, the following error information is returned:
    {
        "Code": "InvalidDataDiskCategory.NotSupported",
        "Message": "Specified disk category is not supported."
    }
  • Cause: The error occurred because disks of the specified category cannot be created in the specified zone.
  • Solution: We recommend that you call the DescribeAvailableResource operation to view the resources available in the zone where you want to create the ECS instance and ensure that there are sufficient resources in that zone. You can also change the value of ZoneId and try again.
    aliyun ecs RunInstances --ImageId win2008_64_ent_r2_cn_40G_alibase_20150429.vhd --InstanceType ecs.g5.large --SecurityGroupId <TheSecuriytyGroupId> --SystemDiskCategory cloud_efficiency --ZoneId cn-hangzhou-c

How can I create an ECS instance that is assigned a public IP address?

  • Method 1: Call the RunInstances operation with InternetMaxBandwidthOut set to a value greater than 0 to create an ECS instance. The new ECS instance is automatically assigned a public IP address.
  • Method 2: Call the CreateInstance operation to create an ECS instance. Then call the AllocatePublicIpAddress operation to assign a public IP address to the instance.

I have created an ECS instance by using an ECS API operation. Why can't the public IP address of the instance be pinged?

  • Problem description: The new ECS instance that you created by using an ECS API operation cannot connect to the public network, and the public IP address of the instance cannot be pinged.
  • Cause: You have not added a security group rule to allow the public network to access the instance.
  • Solution: Call the AuthorizeSecurityGroup operation to add an inbound rule to the security group to which the instance belongs to allow the public network to access the instance. For example, you can send the following request where IpProtocol is set to ICMP to call the AuthorizeSecurityGroup operation and add an inbound rule that allows the public IP address of this instance to be pinged from any other IP addresses:
    https://ecs.aliyuncs.com/?Action=AuthorizeSecurityGroup
    &SecurityGroupId=sg-bp15ed6xe1yxeycg7***
    &SourceCidrIp=0.0.0.0/0
    &IpProtocol=ICMP
    &PortRange=-1/-1
    &<Common request parameters>

The error message "The specified IP is already in use." is returned when I use an ECS API operation to bind a public IP address to my instance. What can I do?

  • Problem description: When you call the AllocatePublicIpAddress operation to assign the public IP address specified by IpAddress to your ECS instance, the following error information is returned:
    {
        "Code": "IpInUse",
        "Message": "The specified IP is already in use."
    }
  • Cause: The specified IP address is already in use.
  • Solution: Check whether the IP address is already in use. If yes, try another IP address.

When I modify the public bandwidth configurations of my instance by using an ECS API operation, can I specify an effective period of time for the new bandwidth configurations?

You can call the ModifyInstanceNetworkSpec operation to modify the public bandwidth configurations of your ECS instance. The new bandwidth configurations take effect on the instance immediately after the modification is completed. If you only want to temporarily modify the bandwidth configurations of your instance, set StartTime and EndTime to define an effective period of time.

If you are using an Elastic IP Address, you can call the ModifyEipAddressAttribute operation to make the modification but you cannot specify an effective period of time.

Why can't all the security group rules in a security group be displayed when I use an ECS API operation or ECS SDK to query the details of the security group?

Security group rules can be distinguished by their NIC types, public NIC (internet) and internal NIC (intranet). When you call the DescribeSecurityGroupAttribute operation to query the details of a security group, the NIC parameter is not required. However, if this parameter is not specified, the default value internet is used. Therefore, when you run the following CLI command to call the DescribeSecurityGroupAttribute operation, only the public security group rules, not all security group rules, in the queried security group are displayed:
aliyun ecs DescribeSecurityGroupAttribute --SecurityGroupId <TheSecurityGroupId> --RegionId <TheRegionId>
If you want to view the internal security group rules in a security group (such as internal security group rules that allow access across internal networks or that are configured for the VPN firewall of Finance Cloud), run the following command with NicType set to intranet:
aliyun ecs DescribeSecurityGroupAttribute --SecurityGroupId <TheSecurityGroupId> --RegionId <TheRegionId> --NicType intranet

Why does a query made by using the ECS API, ECS SDK, or Alibaba Cloud CLI return only ten entries?

For details, see Why only ten entries are returned for query request by using APIs or SDK.