FAQ about images in use of ECS instances - Elastic Compute Service

When you use an Elastic Compute Service (ECS) instance, you may encounter image-related issues or have questions, such as slow instance startup, high system load, and how to compile the kernel. This topic provides answers to some frequently asked questions (FAQ) about images that you may have when you use ECS instances.

FAQ about images in use of Windows instances

A system time error occurs due to frequent timeBeginPeriod calls in Windows. What do I do?
In Windows Server 2008, frequent timeBeginPeriod calls may cause the system time to become inaccurate. You can perform the following operations to resolve the issue.
Note
For information about system functions that may affect system time accuracy, see Wait Functions.
1. Connect to the instance.
  For more information, see Connect to a Windows instance by using a password.
2. Download CheckTimeBeginPeriod.zip.
3. Decompress CheckTimeBeginPeriod.zip.
4. Decompress bin.zip, go to the bin folder, and then double-click an .exe file.
  - For a 64-bit operating system, double-click InjectDllx64.exe.
  - For a 32-bit operating system, double-click InjectDllx86.exe.
  The processes that call the timeBeginPeriod function are displayed.
5. Stop or update the processes that call the timeBeginPeriod function based on your business requirements.
If the issue persists, submit a ticket to contact Alibaba Cloud technical support.
What do I do if "Content from the website listed below is being blocked by the Internet Explorer Enhanced Security Configuration" error message appears?
When you attempt to open a website in Internet Explorer on a Windows ECS instance or Windows simple application server, the following error message appears: Content from the website listed below is being blocked by the Internet Explorer Enhanced Security Configuration. For information about how to resolve the issue, see What do I do if I am prompted with the error message "Content from the website listed below is being blocked by the Internet Explorer Enhanced Security Configuration"?
When I replace the system disk of a Windows ECS instance or re-initialize the system disk, why is user data not automatically executed?
Cause
After a Windows ECS instance is started, a cache file is created in the C:\ProgramData\aliyun\vminit\INSTANCE_ Instance ID}\METASERVER directory. The cache file is used to mark whether the instance is initialized. If you create a custom image from the ECS instance and use the custom image to re-initialize or replace the system disk, a cache file whose ID is the same as that of the current reset instance is found in the C:\ProgramData\aliyun\vminit\INSTANCE_ID\METASERVER directory. The vminit service determines whether an ECS instance has been started for the first time based on the existence of cache files. If a cache file with the same ID as the current reset instance is found, the vminit service determines that the instance has not been started for the first time, and the script in user data is not automatically executed.
Solution
We recommend that you check for and delete the cache file in the C:\ProgramData\aliyun\vminit\INSTANCE_ instance ID}\METASERVER directory before you create a custom image from the ECS instance.
Note
The vminit service is automatically installed when you create a Windows instance. Similarly to the Linux cloud-init service, the vminit service provides the system initialization configuration for the Windows operating system during the startup phase. The vminit service has the following initialization abilities:
- The abilities to initialize or modify network configurations, such as Domain Name System (DNS), routes, and Dynamic Host Configuration Protocol (DHCP).
- The ability to modify a hostname
- The ability to change the password of a host
- The ability to configure the Network Time Protocol (NTP) server
- The ability to resize disks
- The ability to configure Key Management Service (KMS)
- The ability to configure Windows Server Update Services (WSUS)
- The ability to execute the userdata script (that you specified when you created an instance)
- The ability to install and start Cloud Assistant
- The ability to install necessary drivers for the system to run, such as virtio and Non-Volatile Memory Express (NVMe) drivers
- The ability to install the Alibaba Cloud digital certificate
- The ability to enable the Remote Desktop Protocol (RDP) feature

FAQ about CentOS and Red Hat images

How do I upgrade Red Hat Enterprise Linux (RHEL) 7 to RHEL 8?

How do I resolve a CentOS DNS resolution timeout issue?
Cause
The DNS resolution mechanism of CentOS 6 and CentOS 7 has changed. A DNS resolution timeout error may occur in CentOS 6 or CentOS 7 instances that were created before February 22, 2017 or that use custom images created before February 22, 2017.
Solution
Perform the following steps to resolve this issue:
1. Download the fix_dns.sh script.
2. Place the downloaded script in the /tmp directory of the CentOS operating system.
3. Run the bash /tmp/fix_dns.sh command to execute the script.
Take note of the following items about the script:
- Script role
  The script determines whether the /etc/resolv.conf file contains the options>single-request-reopen configuration. For more information, see resolv.conf.
  The DNS resolution mechanism of CentOS 6 and CentOS 7 uses the same 5-tuple to send IPv4 and IPv6 DNS requests, for which the single-request-reopen option must be added. When two requests from the same port need to be handled after the option is added, the resolver closes the socket after the resolver sends the first request and then opens a new socket before the resolver sends the second request. The option takes effect immediately after it is added. You do not need to restart the instance.
- Script logic
  1. The script determines whether the operating system of the instance is CentOS.
    If the operating system is not CentOS (for example, the operating system is Ubuntu or Debian), the script stops running.
    If the operating system is CentOS, the script continues to run.
  2. The script checks the /etc/resolv.conf file for the options configuration.
    If the options configuration is unavailable, the script takes the following action:
    Use the Alibaba Cloud options configuration (options timeout:2 attempts:3 rotate single-request-reopen) by default.
    If the options configuration is available, the script checks for the single-request-reopen option.
    If the single-request-reopen option does not exist, the script appends this option to the options configuration.
    If the single-request-reopen option exists, the script stops running and the DNS nameserver configuration does not change.

After I use a CentOS 7 or Windows instance for an extended period of time without restarting it, the instance is disconnected from the network, the network is no longer available, or the public or private IP address of the instance cannot be pinged. What do I do?
For information about the cause of and solution to this issue, see Check and fix the problem of missing IP addresses of CentOS 7 instances and Windows instances.

What do I do if a CentOS 7.9 for Arm operating system fails to generate dump files?
Problem description
When the CentOS 7.9 for Arm operating system is down and you run the ls /var/crash command to query the dump file, no vmcore file is generated.
Cause
The CentOS 7.9 for Arm operating system has a kernel with the CONFIG_ARM64_USER_VA_BITS_52=y feature enabled. The version of the makedumpfile software that comes with the system does not match the kernel version. In this case, the dump file cannot be generated.
Solution
Important
This solution applies only to systems that have the kdump service enabled. If the kdump service is not enabled and you fix the problem as described in this topic, configure the crashkernel parameter in the proc/cmdline file.
1. Run the following command to download the kexec-tools package:
```
wget http://mirrors.aliyun.com/centos-vault/7.9.2009/os/Source/SPackages/kexec-tools-2.0.15-51.el7.src.rpm
```
2. Run the following command to install the RPM Package Manager (RPM) package:
```
rpm -ivh kexec-tools-2.0.15-51.el7.src.rpm
```
3. Run the following commands to download a patch file:
```
cd /root/rpmbuild/SOURCES
wget https://ecs-image-tools.oss-cn-hangzhou.aliyuncs.com/patch/rhelonly-kexec-tools-2.0.20-makedumpfile-arm64-Add-support-for-ARMv8.2-LVA-52-bi.patch
```
4. Modify the kexec-tools.spec file.
  1. Run the following command to open the kexec-tools.spec file.
```
cd /root/rpmbuild/SPECS/
vi kexec-tools.spec
```
  2. Press the I key to enter Insert mode and add the following two lines to the corresponding position in the file.
```
Patch999: rhelonly-kexec-tools-2.0.20-makedumpfile-arm64-Add-support-for-ARMv8.2-LVA-52-bi.patch
%patch999 -p1
```
    Add content as shown in the following figure.
  3. Press the Esc key to exit Insert mode and enter :wq to save and close the file.
5. Run the following command to check installation dependencies:
```
yum-builddep kexec-tools.spec 
```
6. Run the following commands to build an RPM package:
```
yum -y install rpm-build
rpmbuild -ba kexec-tools.spec
```
7. Run the following commands to install the modified RPM package:
```
cd /root/rpmbuild/RPMS/aarch64
rpm -ivh kexec-tools-2.0.15-51.el7.aarch64.rpm
```
If the downtime occurs again, you can query the dump file by running the ls -lh /var/crash command. You can find that a vmcore file is generated, indicating that the problem is solved.

How do I convert CentOS 7 to RHEL 7?
CentOS 7 will reach end of maintenance (EOL) on June 30, 2024. Alibaba Cloud will no longer provide support for the operating system since then. To prevent the impacts of the operating system EOL, you can convert CentOS 7 to RHEL 7. The following section describes how to convert CentOS 7 to RHEL 7 on Alibaba Cloud. For more information, see Red Hat official documentation.
Important
To prevent data loss or exceptions that are caused by accidental operations, we recommend that you stop important applications, database services, and data storage services, and create disk snapshots to back up important data before the conversion.
1. (Conditionally required) If you use Alibaba Cloud ECS instances and have installed Server Guard, uninstall Server Guard first.
  For more information, see Uninstall the Security Center agent.
  Note
  Server Guard is the default security enhancement tool for CentOS. RHEL 7 uses the security enhancement tools provided by Red Hat. Server Guard may be incompatible and conflict with tools in RHEL 7. Uninstall Server Guard during the conversion process to ensure system stability and compatibility.
2. Run the following commands to upgrade the system software packages to the latest versions:
```
sudo wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
sudo wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
```
3. Run the following commands to update the system software package and restart the system.
```
sudo yum -y update
sudo reboot
```
4. Run the following commands to download the convert2rhel tool from the Red Hat official website and install the tool:
```
sudo curl -o /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release https://www.redhat.com/security/data/fd431d51.txt
sudo curl --create-dirs -o /etc/rhsm/ca/redhat-uep.pem https://ftp.redhat.com/redhat/convert2rhel/redhat-uep.pem
sudo curl -o /etc/yum.repos.d/convert2rhel.repo https://ftp.redhat.com/redhat/convert2rhel/7/convert2rhel.repo
sudo yum -y install convert2rhel
```
5. Purchase an RHEL subscription on Alibaba Cloud and obtain the address of the RHEL 7 RPM repository.
  For more information, submit a ticket.
6. Run the following commands to install the RHEL 7 RPM repository:
```
sudo rpm -ivh --replacefiles <RPM repository address> 
sudo sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/rh-cloud.repo
```
  Replace <RPM repository address> with the actual RPM repository address of RHEL 7. You can obtain this address when you purchase the RHEL subscription.
7. Run the following command to convert CentOS 7 to RHEL 7:
```
sudo convert2rhel -y  --no-rhsm --enablerepo rhui-rhel-7-server-rhui-rpms --enablerepo rhui-rhel-7-server-rhui-extras-rpms --enablerepo rhui-rhel-7-server-rhui-optional-rpms
```
  The conversion process takes a period of time. The following command output indicates that the conversion is complete.
8. Run the following command to restart the system:
  After the conversion is complete, a message is displayed to prompt you to restart the system. Restart the system to boot the new RHEL kernel. Then, check whether the operating system is converted.
```
sudo reboot
```
  Note
  After you convert CentOS 7 to RHEL 7, if you want to upgrade RHEL 7 to RHEL 8, see How do I upgrade Red Hat Enterprise Linux (RHEL) 7 to RHEL 8?

Red Hat 8.1 and Red Hat 8.2 images start slowly on ECS bare metal instances. What do I do?
When a Red Hat 8.1 or Red Hat 8.2 image is used on an ECS bare metal instance, the image takes up to 2 minutes longer to start than a Red Hat 7 image. To solve this issue, you can change the kernel startup parameter settings from console=ttyS0 console=ttyS0,115200n8 to console=tty0 console=ttyS0,115200n8 in the /boot/grub2/grubenv file of the Red Hat 8.1 or Red Hat 8.2 image, and restart the instance for the change to take effect.

FAQ about Ubuntu images

After the Server Guard (AliYunDun) process is started on ECS instances that run Ubuntu operating systems of specific versions, the load average of the instances becomes high. Why?

After the Server Guard process is started on ECS instances that run Ubuntu operating systems of specific versions such as Ubuntu 18.04, the load average of the instances becomes high. After the Server Guard process is terminated, the load average drops to a normal level.

FAQ about FreeBSD images

How do I install patches and compile the kernel on FreeBSD?
Alibaba Cloud FreeBSD public images already have their kernels patched to meet the startup requirements for 5th-generation or later instance families. You can call the DescribeInstanceTypeFamilies operation with the Generation parameter set to query the instance families.
In the following scenarios, you can use the FreeBSD kernel source code to install patches and compile the kernel to resolve and prevent the issue that the instance is unable to start:
- If you use a FreeBSD image that is not provided by Alibaba Cloud or a custom image that is derived from such a FreeBSD image when you create an instance of a 5th-generation or later instance family, the instance may be unable to start.
- If you use a FreeBSD public image to create an instance of a 5th-genertion or later instance family and use freebsd-update to update the kernel with new patches, the instance may be unable to start.
You do not need to install patches for FreeBSD 13 or later. In this example, FreeBSD 12.3 is used to describe how to use FreeBSD kernel source code to install kernel patches and compile the kernel.
1. Download and decompress the FreeBSD kernel source code package.
```
wget https://mirrors.aliyun.com/freebsd/releases/amd64/12.3-RELEASE/src.txz -O /src.txz
cd /
tar -zxvf /src.txz
```
2. Download patches.
  In this example, 0001-virtio.patch is downloaded.
```
cd /usr/src/sys/dev/virtio/
wget https://ecs-image-tools.oss-cn-hangzhou.aliyuncs.com/0001-virtio.patch
patch -p4 < 0001-virtio.patch
```
3. Copy the kernel files, and compile and install the kernel.
  N in the make -j<N> command indicates the number of jobs that run in parallel. Set N based on your compiling environment. For example, for a single-vCPU environment, we recommend that you set -j<N> to -j2. This indicates that the ratio of the number of vCPUs to the N value is 1:2.
```
cd /usr/src/
cp ./sys/amd64/conf/GENERIC .
make -j2 buildworld KERNCONF=GENERIC
make -j2 buildkernel KERNCONF=GENERIC
make -j2 installkernel KERNCONF=GENERIC
```
4. After the kernel is compiled, delete the source code.
```
rm -rf /usr/src/*
rm -rf /usr/src/.*
```

The system disk of an ECS instance that runs a FreeBSD operating system cannot be found in the KVM environment. What do I do?
Problem description
When you logged on to an ECS instance that runs a FreeBSD operating system in the Kernel-based Virtual Machine (KVM) environment by using Virtual Network Computing (VNC), the system disk of the instance could not be found and the logon failed, as shown in the following figure.
Solution
1. Enter the question mark (?) in the VNC interface to view the ufsid of the root file system.
2. Enter ufs:/dev/ufsid/5565b5a09045**** and press the Enter key to access the operating system.
3. Enter a username and password to log on to the system.
4. Run the following command to check the configurations in the /etc/fstab file:
```
cat /etc/fstab
```
  The command output shown in the following figure indicates that the root file system is configured to be mounted based on a UUID in the /etc/fstab file. However, FreeBSD operating systems do not support mounting devices based on UUIDs. You must configure the root file system to be mounted based on the ufsid.
5. Configure the root file system to be mounted based on the ufsid.
  1. Run the following command to open the /etc/fstab file:
```
vi /etc/fstab
```
  2. Press the I key to enter Insert mode.
  3. Change UUID=5565b5a09045**** to /dev/ufsid/5565b5a09045****.
  4. After you delete the previous variables, press the Esc key. Then, enter :wq and press the Enter key to save the modification and exit.
6. Run the following command to restart the system for the modification to take effect:
```
reboot 
```

FAQ about Fedora images

Why am I unable to use an SSH key pair that uses the ssh-rsa signature algorithm to connect to an instance that runs Fedora 33 64-bit?
When you use an SSH key pair that uses the ssh-rsa signature algorithm to log on to an ECS instance that runs Fedora 33 64-bit, you may be unable to connect to the instance. You can use one of the following methods to resolve this issue:
- Replace the SSH key pair that uses the ssh-rsa signature algorithm with an SSH key pair that uses a different signature algorithm such as the Elliptic Curve Digital Signature Algorithm (ECDSA).
- Run the update-crypto-policies --set LEGACY command in the system to change POLICY to LEGACY. Then, you can continue to use the SSH key pair that uses the ssh-rsa signature algorithm.

After I used a Fedora CoreOS image to create an instance of a specific instance family, I found that the number of CPUs in the lscpu command output is only half the number of vCPUs of the selected instance type. Why?
Assume that after you used a Fedora CoreOS image to create an instance of a specific instance family such as g5, you ran the lscpu command on the instance to view CPU information. In the command output, the total number of vCPUs that is indicated by the On-line CPU(s) list value is only half the number of vCPUs of the selected instance type. For example, if an instance type that has two vCPUs is used to create an instance, the On-line CPU(s) list value indicates only one vCPU, as shown in the following figure.
Note
The On-line CPU(s) list value indicates vCPU serial numbers. In the preceding figure, only a single vCPU whose serial number is 0 is available.
This is because in Fedora CoreOS kernel, the mitigations boot parameter is set to auto,nosmt by default to disable simultaneous multithreading (SMT) for vulnerable systems. To view the mitigations parameter that is set to auto,nosmt, you can run the cat /proc/cmdline command.
For more information about SMT, see Automatically disable SMT when needed to address vulnerabilities and Policy for disabling SMT.

Others

In an ECS bare metal instance, the kdump service cannot generate crash dump files. What do I do?
For information about the cause of and solution to this issue, see Solution to the issue that crash dump files cannot be generated on some ECS instances.

A softlockup error occurs during the writeback process of the Linux operating system kernel. What do I do?
A softlockup error occurs when some earlier versions of the Linux kernel write data back to file caches. For information about how to resolve this issue, see Solution to the issue that a softlockup occurs during the writeback process of the Linux operating system kernel.

A softlockup error occurs when I delete cgroups from an ECS instance. What do I do?
For information about how to resolve this issue, see A softlockup error occurs when I delete cgroups in an ECS instance. What do I do?

An ECS instance goes down. What do I do?

Do public images come with the FTP service?
No, public images do not come with the FTP service. You must configure the FTP service on your own. For more information, see Manually build an FTP site on a Windows instance and Manually build an FTP site on a CentOS 7 instance.

Why does ECS disable virtual memory and leave swap partitions unconfigured by default?
When physical memory is insufficient, the memory manager saves memory data that has been inactive for an extended period of time to a swap partition or virtual memory file. This mechanism helps increase the amount of available memory.
However, if memory usage is already high and I/O performance is poor, the mechanism decreases the amount of available memory instead. Alibaba Cloud ECS cloud disks use distributed file systems for storage and provide multiple strongly consistent replicas for each piece of data. This mechanism ensures the security of user data but deteriorates the storage and I/O performance of local disks by tripling the number of I/O operations.
Therefore, virtual memory is not enabled for Windows and swap partitions are not configured for Linux by default to prevent I/O performance from being further decreased when system resources are insufficient.

How do I enable the kdump service in a public image?
By default, the kdump service is disabled in public images. If you want your instance to generate a core file when the instance is down so that you can analyze the downtime cause based on the file, you can perform the following steps to enable the kdump service. In the following example, the CentOS 7.2 public image is used. Operations may vary based on the version of your operating system.
1. Configure the directory in which to generate the core file.
  1. Run the vim /etc/kdump.conf command to open the kdump configuration file.
  2. Run the path command to configure the directory in which to generate the core file. In this example, the directory is /var/crash, and the following path command is used:
```
path /var/crash
```
  3. Save and close the /etc/kdump.conf file.
2. Enable the kdump service.
  Use one of the following methods based on the operating system to enable the kdump service:
  - Method 1: Run the following commands to enable the kdump service:
```
systemctl enable kdump.service
```
```
systemctlstartkdump.service
```
  - Method 2: Run the following commands to enable the kdump service:
```
chkconfig kdump on
```
```
service kdump start
```
  - Method 3: If Cloud Assistant is installed on your instance, enable the kdump service based on the instructions described in How do I resolve downtime issues with migrated instances? Enable the kdump service.

After an IPv6 address is assigned to a Linux instance on which the NTP service is installed, the time of the instance cannot be synchronized with the UTC time. What do I do?
Problem description
After you run the ntpq -p command on the Linux instance to synchronize time, a timeout error occurs, as shown in the following figure.
Solution
Note
This solution is applicable to instances that run the following operating systems: CentOS 7 and earlier, Ubuntu 20.04 and earlier, Anolis OS RHCK, Anolis OS ANCK, Alibaba Cloud Linux, and Debian.
1. Connect to the Linux instance.
  For more information, see Connect to a Linux instance by using a password or key.
2. Run the following command to modify the /etc/ntp.conf configuration file:
```
vi /etc/ntp.conf
```
3. Press the I key to enter Insert mode.
4. Add restrict -6 ::1 to the file, as shown in the following figure.
5. Press the Esc key. Then, enter :wq and press the Enter key to save the modification and exit.
6. Run the following command to restart the NTP service:
```
systemctl restart ntp 
```

I cannot hot-swap disks or ENIs for a running instance that uses a custom image. Why?
Problem description
Hot swapping of disks or elastic network interfaces (ENIs) is an action of attaching disks to, detaching disks from, binding ENIs to, or unbinding ENIs from an instance that is in the Running state. I cannot hot-swap disks or ENIs for a Running instance that uses a custom image.
You can hot-swap disks and ENIs for instances on Alibaba Cloud. However, the hot swapping operations may fail if the operating system kernels of the instances do not support the operations. If the operating system kernels of the instances do not support the operations, the following issues may occur:
- When you attach a disk to or bind an ENI to an instance, the disk or ENI cannot be found in the operating system.
- You cannot detach a disk or unbind an ENI from an instance.
Solution
The operating system kernels of ECS instances and ECS bare metal instances support different features to allow hot swapping. We recommend that you enable the Peripheral Component Interconnect (PCI) hot swapping and the Advanced Configuration and Power Management Interface (ACPI) hot swapping features in the operating system kernels of all your instances. By default, PCI hot swapping and ACPI hot swapping are enabled in all operating systems, except for early versions, such as CentOS 5. Perform the following steps to check whether PCI hot swapping or ACPI hot swapping is enabled in the kernel:
1. Connect to the Linux instance.
  For more information, see Connect to a Linux instance by using a password or key.
2. Run the following command to check the kernel version of the instance:
```
uname -r
```
  The command output that is shown in the following figure indicates that the kernel version is 3.10.0-1127.19.1.el7.x86_64.
3. Run the following command to check the files in the /boot directory:
```
ll /boot
```
  The config-3.10.0-1127.19.1.el7.x86_64 information that is displayed in the command output indicates that the config-3.10.0-1127.19.1.el7.x86_64 file is the configuration file for the system kernel.
4. Run the following command to check the system kernel configurations:
```
cat /boot/config-3.10.0-1127.19.1.el7.x86_64
```
  - If the following configuration items are set to y, the operating system supports the hot swapping features.
```
CONFIG_HOTPLUG_PCI_PCIE=y
CONFIG_HOTPLUG_PCI=y
CONFIG_HOTPLUG_PCI_ACPI=y
```
  - If one of the following configuration items is set to is not set, the corresponding hot swapping feature is not supported by the kernel and you must modify the kernel configurations.
  - If one of the following configuration items is set to m, the configuration item is compiled into a module. For example, the CONFIG_HOTPLUG_PCI_ACPI configuration item is set to m, as shown in the following figure. This indicates that CONFIG_HOTPLUG_PCI_ACPI is compiled into a module. You must load the module to use the corresponding feature.
```
CONFIG_HOTPLUG_PCI_PCIE=y
CONFIG_HOTPLUG_PCI=y
CONFIG_HOTPLUG_PCI_ACPI=m
```
    For example, if you use a CentOS 5.x operating system with kernel version 2.6, the module that corresponds to the CONFIG_HOTPLUG_PCI_ACPI configuration item is acpiphp.ko. To load the module, you must run the modprobe acpiphp command. If the module fails to be loaded, upgrade to a later kernel version or stop the instance, and then perform the hot swapping operations.
    Important
    We recommend that you do not arbitrarily upgrade the kernel versions or operating system versions of instances.

What do I do if an instance may be shut down after an operating system kernel error occurs?
Problem description
When an unexpected kernel error (kernel panic) occurs within the operating system of an instance, a second kernel (capture kernel) is loaded to perform a memory dump to generate a Kdump log file. Due to compatibility issues with the ECS Bare Metal Instance type, the disk identification fails during the startup of the second kernel. As a result, the Kdump log collection fails and the second kernel fails to start. The instance is in the Stopped state. You must restart the instance in the ECS console.
For more information about ECS Bare Metal Instance types, see Overview of instance families.
Cause
ECS bare metal instances may fail to generate dump files by using the Kdump service that comes with operating systems.
- This issue occurs when you use the following images for 6th-generation ECS bare metal instances.
  - CentOS 8.3 or earlier
  - Ubuntu 16/18
  - Debian 10
  - Alibaba Cloud Linux 2 with kernel versions earlier than 4.19.91-24.al7 of (This issue is fixed in Alibaba Cloud Linux 2 starting with kernel version 4.19.91-24.al7.)
- This issue occurs when you select a Debian 10 image for the 7th-generation ECS bare metal instances.
Solution
- CentOS images
  We recommend that you replace the operating system with a later version. For more information, see Replace the operating system of an instance.
- Alibaba Cloud Linux 2 images
  We recommend that you perform the following steps to upgrade the kernel version to 4.19.91-24.al7 or later:
  1. Connect to the ECS instance.
    For more information, see Connect to a Linux instance by using a password or key.
  2. Run the following command to query the kernel version:
```
uname -r
```
  3. Run the following command to upgrade the kernel version:
```
sudo yum update kernel
```
  4. Run the following command to restart the ECS instance for the new kernel version to take effect:
```
sudo reboot
```

Elastic Compute Service:FAQ about images in use of ECS instances

FAQ about images in use of Windows instances

How do I update the virtio driver on a Windows instance?

How do I manage Windows Server Semi-Annual Channel images and instances?

A system time error occurs due to frequent timeBeginPeriod calls in Windows. What do I do?

What do I do if "Content from the website listed below is being blocked by the Internet Explorer Enhanced Security Configuration" error message appears?

When I replace the system disk of a Windows ECS instance or re-initialize the system disk, why is user data not automatically executed?

FAQ about CentOS and Red Hat images

How do I upgrade Red Hat Enterprise Linux (RHEL) 7 to RHEL 8?

How do I resolve a CentOS DNS resolution timeout issue?

After I use a CentOS 7 or Windows instance for an extended period of time without restarting it, the instance is disconnected from the network, the network is no longer available, or the public or private IP address of the instance cannot be pinged. What do I do?

What do I do if a CentOS 7.9 for Arm operating system fails to generate dump files?

How do I convert CentOS 7 to RHEL 7?

Red Hat 8.1 and Red Hat 8.2 images start slowly on ECS bare metal instances. What do I do?

FAQ about Ubuntu images

After the Server Guard (AliYunDun) process is started on ECS instances that run Ubuntu operating systems of specific versions, the load average of the instances becomes high. Why?

FAQ about FreeBSD images

How do I install patches and compile the kernel on FreeBSD?

The system disk of an ECS instance that runs a FreeBSD operating system cannot be found in the KVM environment. What do I do?

FAQ about Fedora images

Why am I unable to use an SSH key pair that uses the ssh-rsa signature algorithm to connect to an instance that runs Fedora 33 64-bit?

After I used a Fedora CoreOS image to create an instance of a specific instance family, I found that the number of CPUs in the lscpu command output is only half the number of vCPUs of the selected instance type. Why?

Others

FAQ about Linux time and time zone

How do I adapt Linux custom images to NVMe-based system disks?

How do I resolve downtime issues that occur on migrated instances?

How do I install GRand Unified Bootloader (GRUB) on a Linux server?

How do I collect kdump information after the operating system of an instance fails?

What do I do if I cannot connect to an instance by using an RSA key?

In an ECS bare metal instance, the kdump service cannot generate crash dump files. What do I do?

A softlockup error occurs during the writeback process of the Linux operating system kernel. What do I do?

A softlockup error occurs when I delete cgroups from an ECS instance. What do I do?

An ECS instance goes down. What do I do?

Do public images come with the FTP service?

Why does ECS disable virtual memory and leave swap partitions unconfigured by default?

How do I enable the kdump service in a public image?

After an IPv6 address is assigned to a Linux instance on which the NTP service is installed, the time of the instance cannot be synchronized with the UTC time. What do I do?

I cannot hot-swap disks or ENIs for a running instance that uses a custom image. Why?

What do I do if an instance may be shut down after an operating system kernel error occurs?