You cannot call API operations from an Elastic Computing Service (ECS) instance in a virtual private cloud (VPC) if the instance does not have a public IP address. This topic describes how to call API operations from these instances over the Alibaba Cloud internal network.
Background
ECS provides public endpoints. If an ECS instance does not have public bandwidth or a public IP address, you cannot call API operations using tools such as the Alibaba Cloud command-line interface (CLI) or software development kits (SDKs). In this case, you can use one of the following two methods to call API operations over the Alibaba Cloud internal network:
SDK: The SDK for Java core library V4.5.3 and later supports calling API operations over the internal network in a VPC.
CLI: When you use the CLI, change the endpoint to the one for the corresponding region to call API operations over the internal network.
Note:
These two methods are region-specific. You can use an endpoint to manage resources only in the same region as the ECS instance. Cross-region operations are not supported.
To create ECS instances, use a custom image on which the Alibaba Cloud CLI or an SDK is already deployed. This prevents the instances from failing to load dependencies because they do not have Internet access.
The following table lists the ECS endpoints that support API calls over the internal network. Ensure that the endpoint you use is listed in this table.
Alibaba Cloud region | Region ID | Endpoint |
China (Hangzhou) | cn-hangzhou | ecs-vpc.cn-hangzhou.aliyuncs.com |
China (Shanghai) | cn-shanghai | ecs-vpc.cn-shanghai.aliyuncs.com |
China (Nanjing - Local Region) | cn-nanjing | ecs-vpc.cn-nanjing.aliyuncs.com |
China (Fuzhou - Local Region) | cn-fuzhou | ecs-vpc.cn-fuzhou.aliyuncs.com |
China (Qingdao) | cn-qingdao | ecs-vpc.cn-qingdao.aliyuncs.com |
China (Beijing) | cn-beijing | ecs-vpc.cn-beijing.aliyuncs.com |
China (Zhangjiakou) | cn-zhangjiakou | ecs-vpc.cn-zhangjiakou.aliyuncs.com |
China (Hohhot) | cn-huhehaote | ecs-vpc.cn-huhehaote.aliyuncs.com |
China (Ulanqab) | cn-wulanchabu | ecs-vpc.cn-wulanchabu.aliyuncs.com |
China (Shenzhen) | cn-shenzhen | ecs-vpc.cn-shenzhen.aliyuncs.com |
China (Heyuan) | cn-heyuan | ecs-vpc.cn-heyuan.aliyuncs.com |
China (Guangzhou) | cn-guangzhou | ecs-vpc.cn-guangzhou.aliyuncs.com |
China (Chengdu) | cn-chengdu | ecs-vpc.cn-chengdu.aliyuncs.com |
China (Hong Kong) | cn-hongkong | ecs-vpc.cn-hongkong.aliyuncs.com |
Singapore | ap-southeast-1 | ecs-vpc.ap-southeast-1.aliyuncs.com |
Malaysia (Kuala Lumpur) | ap-southeast-3 | ecs-vpc.ap-southeast-3.aliyuncs.com |
Indonesia (Jakarta) | ap-southeast-5 | ecs-vpc.ap-southeast-5.aliyuncs.com |
Philippines (Manila) | ap-southeast-6 | ecs-vpc.ap-southeast-6.aliyuncs.com |
Thailand (Bangkok) | ap-southeast-7 | ecs-vpc.ap-southeast-7.aliyuncs.com |
Japan (Tokyo) | ap-northeast-1 | ecs-vpc.ap-northeast-1.aliyuncs.com |
South Korea (Seoul) | ap-northeast-2 | ecs-vpc.ap-northeast-2.aliyuncs.com |
Germany (Frankfurt) | eu-central-1 | ecs-vpc.eu-central-1.aliyuncs.com |
UK (London) | eu-west-1 | ecs-vpc.eu-west-1.aliyuncs.com |
US (Silicon Valley) | us-west-1 | ecs-vpc.us-west-1.aliyuncs.com |
US (Virginia) | us-east-1 | ecs-vpc.us-east-1.aliyuncs.com |
UAE (Dubai) | me-east-1 | ecs-vpc.me-east-1.aliyuncs.com |
Method 1 (Recommended): Use an SDK to call operations over the internal network
When you use an SDK, you can call API operations over the internal network using a simple configuration. The following Java code is an example:
import com.aliyun.ecs20140526.Client;
import com.aliyun.ecs20140526.models.DescribeRegionsRequest;
import com.aliyun.ecs20140526.models.DescribeRegionsResponse;
import com.aliyun.teaopenapi.models.Config;
import com.aliyun.teautil.models.RuntimeOptions;
public class Test {
public static void main(String[] args) throws Exception {
Config config = new Config();
// Required. Make sure that the ALIBABA_CLOUD_ACCESS_KEY_ID environment variable is set.
config.setAccessKeyId(System.getenv("ALIBABA_CLOUD_ACCESS_KEY_ID"));
// Required. Make sure that the ALIBABA_CLOUD_ACCESS_KEY_SECRET environment variable is set.
config.setAccessKeySecret(System.getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET"));
// For the endpoint, see https://api.aliyun.com/product/Ecs
config.setEndpoint("<ENDPOINT>");
// Initialize the ECS client.
Client ecsClient = new Client(config);
// Create a request object to query region information.
DescribeRegionsRequest describeRegionsRequest = new DescribeRegionsRequest();
// Create a runtime options object.
RuntimeOptions runtime = new RuntimeOptions();
// Send the request and obtain the response with region information.
DescribeRegionsResponse response = ecsClient.describeRegionsWithOptions(describeRegionsRequest, runtime);
System.out.println(response.body.toMap());
}
}Method 2: Use the CLI to call operations over the internal network
This example uses the DescribeRegions operation. The sample command is as follows:
aliyun ecs DescribeRegions --endpoint ecs-vpc.cn-hangzhou.aliyuncs.com