When you use Elastic Compute Service (ECS), you may need to perform various operations on different resources, such as creating instances, connecting to instances, changing instance configurations, replacing operating systems, and using snapshots. This topic describes the common operations you can perform on ECS resources.
Create and use ECS instances
You can perform the following steps to learn about ECS instance specifications and manage the entire lifecycle of ECS instances, from instance type selection and instance creation to instance management and release.
Learn about instance families.
Before you create ECS instances, you must familiarize yourself with the features, instance types available for purchase, and supported scenarios of ECS instance families and select instance types based on your business scenarios. For more information, see Overview of ECS instance families.
Learn about billing methods.
Different billing methods are suitable for different business scenarios. For example, the subscription billing method is suitable for services that run for 24 hours a day and seven days a week, and the pay-as-you-go billing method is suitable for applications or services that experience traffic spikes. For more information, see Overview.
Create an ECS instance.
Create a subscription instance on the Quick Launch tab. You can create a subscription ECS instance on the Quick Launch tab of the instance buy page in the ECS console within minutes. On the Quick Launch tab, only specific instance types and images are available and most configurations cannot be customized.
Create an instance on the Custom Launch tab. You can customize configurations, such as the image type, instance type, storage, bandwidth, and security groups, based on your business requirements, and create an ECS instance on the Custom Launch tab of the instance buy page in the ECS console.
For more information about how to create an ECS instance, see Create instances.
Connect to an ECS instance.
You can connect to an ECS instance by using Workbench, Session Manager, or Virtual Network Computing (VNC). For more information, see Methods for connecting to an ECS instance.
If you did not configure a logon password when you created an ECS instance or if you forget the logon password of the instance, you can use the password reset feature. For more information, see Reset the logon password of an instance.
Deploy common environments, websites, or applications on an ECS instance.
Upload files to or download files from an ECS instance. For more information, see Upload or download files.
Deploy basic environments on an ECS instance. For more information, see Build a software development environment.
Deploy websites on an ECS instance. For more information, see Build a website.
Deploy common applications, such as databases and code hosting platforms, on an ECS instance. For more information, see Build an application.
Manage the status of an ECS instance.
Start an instance. If an ECS instance is in a state in which services cannot be provided, such as the Stopped state, you must start the instance before you can use the instance.
Stop an instance. You must stop an ECS instance before you can perform specific operations on the instance, such as replacing the operating system, changing the private IP address, and changing the instance type if the instance is a pay-as-you-go instance.
Restart an instance. You may need to restart an ECS instance for maintenance purposes, such as to apply system updates or to save and apply configurations.
Release an ECS instance.
If you no longer require an ECS instance, release the instance at the earliest opportunity to prevent unnecessary costs. For more information, see Release an instance.
Change instance configurations
If the configurations of an ECS instance do not meet your business requirements, you can change the configurations of the instance, including the instance type (vCPUs and memory) and public bandwidth configurations, resize cloud disks on the instance by extending the disk capacity, and replace the operating system of the instance.
Change the instance type of an ECS instance
Upgrade the instance type of a subscription ECS instance or downgrade the instance type of a subscription ECS instance.
Change the instance type of an ECS instance across zones. You can migrate an ECS instance across zones in a region and change the instance type (vCPUs and memory) of the instance to a different instance type in the same instance family.
Change public bandwidth configurations
Modify the public bandwidth configurations of an ECS instance associated with a static public IP address. If an ECS instance is associated with a static public IP address, which is a public IP address that is automatically assigned to the instance, you can change the public bandwidth value or the billing method for network usage of the instance.
Temporarily upgrade the public bandwidth of a subscription ECS instance associated with a static public IP address for a specific period of time. If you temporarily require a higher data transfer speed for a subscription ECS instance that is associated with a static public IP address in special scenarios, you can use the temporary bandwidth upgrade feature to increase the public bandwidth value of the instance for a specific period of time without long-term commitment. When the temporary bandwidth upgrade period ends, the public bandwidth returns to the original value.
Modify the bandwidth of an elastic IP address (EIP). If an ECS instance is associated with an EIP, you can change the maximum bandwidth and metering method of the EIP.
Resize cloud disks by extending the disk capacity
Resize existing cloud disks by extending the disk capacity based on storage requirements. For information about how to resize a cloud disk, see Overview.
Replace the operating system of an ECS instance
Replace the operating system (system disk) of an ECS instance. The operating system replacement operation replaces the system disk and the image of an ECS instance. After you replace the operating system of an ECS instance, the original system disk is released and all data stored on the disk is deleted. Before you replace the operating system of an ECS instance, create snapshots for the system disk to back up disk data.
Migrate and upgrade the operating system of an ECS instance. Technical support for the operating systems of ECS instances may be discontinued due to various reasons such as end of life (EOL), end of third-party support, and evolution of open source projects. If you require technical support for the operating system of an ECS instance and want to retain the data on the system disk, migrate or upgrade the operating system.
Manage the billing of ECS resources
Change the billing methods of ECS resources
You can switch between billing methods for ECS instances as your business requirements change and evolve. The following table describes the resources whose billing methods can be changed.
Resource | Description | References |
Instance | When you change the billing method of ECS instances, the billing methods of their computing resources and system disks are changed to match the billing method of the instance.
| |
Cloud disks |
| |
Public bandwidth | You can change the billing method for network usage by upgrading or downgrading instance configurations for instances that have system-assigned public IP addresses. | Change the billing method for network usage of an ECS instance that uses a static public IP address |
Optimize costs
In addition to subscription, pay-as-you-go and preemptible instance, Alibaba Cloud provides some combinations of billing methods for different ECS resources to reduce costs. You can use a proper combination of billing methods based on your business requirements.
Billing method | Applicable resources | Description | References |
Reserved instance |
| Reserved instances are coupons that can be used to offset the bills of pay-as-you-go instances. | |
SCU |
| Storage capacity units (SCUs) are storage resource plans that can be used to offset the bills of different pay-as-you-go storage resources. | |
Data transfer plan | Public bandwidth | Data transfer plans provide economical solutions designed to offset the fees of IPv4 data transfers from instances billed on a pay-by-traffic basis for network usage. |
Manage data
Use block storage devices to store the operating system data and business data of ECS instances and create snapshots on a periodic basis to back up instance data and improve data reliability.
Block storage devices
Alibaba Cloud provides the following types of block storage devices: cloud disks, local disks, and elastic ephemeral disks. You can use block storage devices in the same manner as you use physical hard disks. You can format block storage devices on ECS instances and create file systems for the devices. For more information, see Overview of Block Storage. You can perform the following common operations on block storage devices:
Create and use cloud disks
Cloud disks can be attached to ECS instances as system to store operating system data or as data disks to store business data. You can create and use cloud disks to provide persistent storage for ECS instances. For more information, see Create and use a cloud disk.
Re-initialize cloud disks
If you want to clear data from a cloud disk and restore the disk to the state the disk was in when the disk was created, you can re-initialize the disk. For more information, see Re-initialize a disk.
Resize cloud disks by extending the disk capacity
Resize an existing cloud disk by extending the disk capacity to accommodate more data and prevent issues such as data loss caused by insufficient storage space. For information about how to resize a disk, see Overview.
Snapshots
Snapshots are an important disaster recovery method, which provide complete point-in-time replicas of cloud disk data. To protect against data loss caused by accidental operations, attacks, or viruses, you can use snapshots to periodically back up business data stored on cloud disks. For more information, see Overview.
Create manual snapshots
Before you perform important operations, such as rolling back cloud disks, modifying critical system files, and replacing operating systems, we recommend that you manually create snapshots for system disks or data disks to back up disk data. This way, when issues or data loss occurs, you can use the snapshots to restore data and ensure service continuity.
For more information about how to create a manual snapshot for a cloud disk, see Create a snapshot.
Create automatic snapshots
You can create automatic snapshots and associate the policy with cloud disks. After you associate an automatic snapshot policy with a cloud disk, automatic snapshots are created for the disk based on the policy to back up the data stored on the disk. For more information, see Create an automatic snapshot policy and Create an automatic snapshot policy for a cloud disk.
Manage networks
Building an elastic and scalable internal network environment in the cloud and performing strict access control are important parts of network security.
Build a VPC
A virtual private cloud (VPC) is a custom private network that you create on Alibaba Cloud. You can specify CIDR blocks, subnets, route tables, and network security policies for your VPC. VPCs are logically isolated from each other. You can use VPCs to control resource access in a more efficient manner and improve data security and flexibility. You can learn about the components of a VPC and plan, create, and manage VPCs. For more information, see Overview.
Enable public bandwidth
After you enable public bandwidth for an ECS instance, the instance has Internet access. To enable public bandwidth for an ECS instance, you can assign a static public IP address to or associate an EIP with the instance. For more information, see Enable public bandwidth.
Access resources deployed in a VPC over the internal network
Compared with Internet-based access, internal network-based access is completely isolated from the Internet and is suitable for internal communication that requires high security and data transfer speeds. You can use private IP addresses and domain names to access resources in VPCs over the internal network. For more information, see Internal network access within a VPC.
Improve network performance
You can use Elastic Remote Direct Memory Access (eRDMA) to improve network performance. eRDMA is a cloud-based, elastic networking technology developed by Alibaba Cloud in-house. eRDMA has the benefits of traditional RDMA network interface controllers (NICs) and applies traditional RDMA technology to VPCs. eRDMA features ultra-low latency that RDMA provides to cloud networks. Select one of the following methods to use eRDMA:
Manage IP addresses in a more efficient manner
You can use prefix lists to improve the efficiency of IP address management. A prefix list is a set of network prefixes (CIDR blocks). You can reference prefix lists to configure network rules for other resources. You can group IP addresses that you frequently use in a prefix list and reference the prefix list in network rules, instead of individually referencing the IP addresses. This improves O&M efficiency.
You can reference prefix lists in security group rules. For more information, see Use prefix lists to simplify management of security group rules.
Provide multiple IP addresses for multiple applications
You can use elastic network interfaces (ENIs) to provide multiple IP addresses for multiple applications hosted on an ECS instance. ENIs are virtual network interfaces that provide network connectivity and IP addresses for ECS instances in VPCs. You can bind one or more ENIs to each ECS instance. You can configure multiple IP addresses for each ENI. This allows a single ECS instance to provide services or access external resources by using different IP addresses. For more information, see Create and use ENIs.
Increase security
You can use the following features to improve the security of ECS instances. For more information about how to improve the security of ECS instances, see ECS instance security.
Security groups
A security group is a virtual firewall that controls the inbound and outbound traffic of ECS instances based on security group rules to prevent unauthorized access and intrusions. Learn about the composition of each security group rule and perform operations on security groups.
Each security group rule consists of authorization objects (sources or destinations of traffic), port ranges, a protocol type, an action (Allow or Deny), and a priority. For more information, see Security group rules.
Create and use security groups. You can associate ECS instances with security groups. After you associate a security group with an ECS instance, the inbound and outbound traffic of the instance is allowed or denied based on the security group rules of the security group. For more information, see Create a security group and Associate security groups with an instance (primary ENI).
Manage security group rules. You can add, modify, or delete the security group rules of a security group. The rule changes take effect on all ECS instances associated with the security group. For more information, see Manage security group rules.
Security groups for different use cases
The following topic describes several use cases for security groups and how to configure security group rules for specific kinds of network access. Guidelines for using security groups and use cases.
Key pairs
A key pair is a credential that can be used to log on to an ECS instance over SSH. Key pairs are more secure than regular passwords against brute-force attacks. You can bind key pairs to ECS instances and use the key pairs to log on to the instances without passwords. For more information, see Bind a key pair to an instance for password-free logon over SSH.
Deployment and elasticity
Scale resources
Automatically create ECS instances to handle Internet traffic surges.
Launch templates
You can use a launch template to store ECS instance creation parameters and quickly create ECS instances from the launch template. This eliminates the need to configure the parameters every time you create ECS instances. Each launch template can have multiple versions, and each version can have different parameters. You can use any version of a specific launch template to quickly create ECS instances.
For information about how to create a launch template and use the template to create ECS instances, see Create a launch template and Create an instance by using a launch template.
Scaling groups
You can use a scaling group to automatically change the number of ECS instances based on business changes. You can create a scaling group based on an existing ECS instance. For more information, see Create a scaling group based on an existing ECS instance.
Use deployment sets
A deployment set provides a deployment strategy for deploying ECS instances on physical servers to prevent single points of failure (SPOFs) and reduce network latency. You can create a deployment set and select a deployment strategy for the deployment set based on your business requirements, such as high availability, network latency, and deployment scale. You can create or add ECS instances in deployment sets. For more information, see Deployment set.
Use IaC tools
You can use Infrastructure as Code (IaC) tools to create and manage ECS resources.
Resource Orchestration Service (ROS) is an automated deployment service that is developed by Alibaba Cloud based on the IaC concept and is used to simplify the management of cloud computing resources. You can create a template to define cloud resources and dependency relationships between the resources. The ROS engine automatically creates and configures all resources in a stack based on the template to implement automated deployment and O&M.
You can create a stack template in the ROS console or by calling API operations to quickly create and manage resources. For more information, see Create a stack or List of API operations by function. You can create ROS templates that declare the resources required to perform the following operations:
Terraform
Terraform is an open source IaC tool that developers can use to define and manage infrastructure configurations by using a declarative language. Terraform provides a simple method to create, modify, or delete ECS resources. Terraform helps reduce the complexity and errors of manual operations to improve the manageability and maintainability of infrastructure.
You can install and configure Terraform and use Terraform to manage ECS instances. For more information, see Terraform Reference.
O&M and monitoring
Configure alert rules for ECS instances
You can enable the initiative alert feature or configure custom alert rules for ECS instances to detect exceptions on the instances and handle potential risks at the earliest opportunity. For more information, see Configure alert rules for an ECS instance.
Manage system events
System events are defined by Alibaba Cloud to record and notify you of cloud resource information. You can identify risks and exceptions and implement automated O&M based on system events. For more information, see Overview.
Use automated O&M tools
Cloud Assistant is a native automated O&M tool developed for ECS. Cloud Assistant allows you to batch run commands, such as shell, PowerShell, and batch commands, to execute various tasks on ECS instances in a password-free manner without the need to log on to the instances or use jump servers. You can use Cloud Assistant to perform automated O&M tasks, poll processes, install or uninstall software, start or stop services, and install patches or security updates.
CloudOps Orchestration Service (OOS) is an automated O&M service provided by Alibaba Cloud that helps manage and run O&M tasks in the cloud. You can create templates to define execution tasks, the sequence of the tasks, input parameters, and output parameters, and use the templates to automatically run O&M tasks.
Migration
Migrate on-premises services to the cloud.
Migrate servers to Alibaba Cloud
You can use the custom image import feature or Server Migration Center (SMC) to migrate on-premises physical machines, on-premises virtual machines (VMs), and third-party cloud servers to Alibaba Cloud. SMC is a migration platform provided by Alibaba Cloud. For more information, see Server migration guide.
Migrate ECS instances in Alibaba Cloud
You may want to migrate data between ECS instances within or across Alibaba Cloud accounts or regions due to insufficient resource inventory, cost optimization, disaster recovery, or disk capacity scale-down, migrate data from a simple application server to an ECS instance, or migrate an ECS instance from a dedicated host to a shared host. Select a migration method based on the migration scenario. For more information, see Server migration guide.
Development
You can programmatically integrate the capabilities of ECS in your business system, including operations such as creating, changing, and maintaining ECS instances, to simplify operations and manage costs. For more information, see Integration overview.
ECS OpenAPI: is the ECS API.
Integration methods: ECS allows you to manage cloud resources by using different methods, such as SDKs and CLI.