After a custom image is created, you can export the image file in the Elastic Compute Service (ECS) console to an Object Storage Service (OSS) bucket and then download the image file from the bucket to your on-premises computer to analyze and back up the image. This topic describes how to export a custom image and the items that you must take note of when you export the image.

Prerequisites

  • An OSS bucket is created in the region where the custom image that you want to export resides. For more information, see Create buckets.
  • An Alibaba Cloud account and a Resource Access Management (RAM) user meet the requirements described in the following table for exporting custom images. For more information, see Permissions.

Background information

Requirements

Item Description
Image format Custom images that were derived from Alibaba Cloud Marketplace images cannot be exported.
Operating system Images that contain Windows Server operating systems cannot be exported.
Number and capacity of data disks
  • Images that contain the snapshots of up to four data disks can be exported.
  • The capacity of each data disk cannot exceed 500 GiB.
    Note If the capacity of a data disk exceeds 500 GiB, you must distribute the data on the disk to multiple data disks that are less than 500 GiB in size and then create and export custom images from these smaller data disks.

Usage notes

Item Description
Export fee Exported image files are stored in OSS buckets. As a result, when you export custom images, you are charged the fees of both OSS storage and traffic used to download the files from the buckets. For information about OSS billing details, see Billing overview.
Export duration The amount of time it takes to export a custom image depends on the size of the image file and the number of concurrent export tasks in the queue.
Exported image file If an exported custom image contains data disk snapshots, multiple image files are generated and reside in the same OSS bucket.
Note Files whose names contain system are system disk snapshots. Files whose names contain data are data disk snapshots. The identifier of a data disk snapshot is the mount point of the source data disk, such as xvdb and xvdc.
Other
  • To use an exported image to create identical Linux instances, make sure that the file system information recorded in /etc/fstab is consistent with the exported data disk snapshot information.
  • If you create a custom image based on a disk that does not contain data, the decompressed image file also does not contain data.
  • An exported image may not start normally on other platforms. You can attach disks contained in the image to obtain data.

Permissions

  • ECS access permissions on OSS resources

    Log on to the RAM console by using an Alibaba Cloud account and authorize ECS to access OSS resources. This way, ECS assumes the AliyunECSImageExportDefaultRole role to obtain the permissions.

  • Permissions to manage OSS buckets
    If you are using a RAM user, you must contact the owner of the corresponding Alibaba Cloud account to authorize the RAM user to manage OSS buckets.
    1. Create custom policies for a RAM user by using an Alibaba Cloud account. For more information, see Create a custom policy on the JSON tab.
      • Grant only read permissions on OSS buckets to a RAM user
        If you use an Alibaba Cloud account to create OSS buckets and want to use a RAM user to export custom images, you must grant read permissions on OSS buckets to the RAM user. Sample policy:
        {
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "oss:GetObject",
                "oss:GetBucketLocation",
                "oss:GetBucketInfo"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}
      • Grant read and write permissions on OSS buckets to a RAM user
        If you want to use a RAM user to create OSS buckets and export custom images, you must grant read and write permissions on OSS buckets to the RAM user. Sample policy:
        {
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "oss:GetObject",
                "oss:GetBucketLocation",
                "oss:GetBucketInfo"
                "oss:GetObject",
                "oss:PutObject",
                "oss:DeleteObject",
                "oss:GetBucketLocation",
                "oss:AbortMultipartUpload",
                "oss:ListMultipartUploads",
                "oss:ListParts",
                "oss:GetBucketInfo",
                "oss:GetBucketUserQos"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ]
}
    2. Attach custom policies to the RAM user by using the Alibaba Cloud account. For more information, see Grant permissions to a RAM user. For information about how to grant read and write permissions on a specified OSS bucket to a RAM user, see Tutorial: Use RAM policies to control access to OSS.

Procedure

  1. Log on to the ECS console.
  2. In the left-side navigation pane, choose Instances & Images > Images.
  3. In the upper-left corner of the top navigation bar, select a region.
    Notice Make sure that the region is the same as the region in which the bucket resides.
  4. Optional:Grant access permissions on OSS resources to ECS
    If you export images for the first time, you must log on to the RAM console by using an Alibaba Cloud and grant access permissions on OSS resources to ECS. This way, ECS assumes the AliyunECSImageExportDefaultRole role to obtain the permissions. If ECS has access permissions on OSS resources, this step is automatically skipped.
    1. Find the image that you want to export. In the Actions column, choose More > Export Image.
    2. In the Cloud Resource Access Authorization dialog box, click Authorize.
    3. On the Cloud Resource Access Authorization page, confirm that AliyunECSImageImportDefaultRole and AliyunECSImageExportDefaultRole are displayed. Then, click Confirm Authorization Policy.
  5. On the Custom Images tab, find the image that you want to export. In the Actions column, choose More > Export Image.
  6. In the Export Image dialog box, configure the following parameters:
    • Optional:Image Format: Select a format in which to export the custom image. Valid values: RAW, VHD, QCOW2, VDI, and VMDK.
      Note
      • The Set Exported Image Format feature is available only in the following regions: India (Mumbai), Japan (Tokyo), Australia (Sydney), Indonesia (Jakarta), Germany (Frankfurt), UAE (Dubai), US (Virginia), UK (London), Singapore (Singapore), US (Silicon Valley), and Malaysia (Kuala Lumpur).
      • For regions that do not support the Set Exported Image Format feature, images in the RAW format are exported by default.
    • OSS Bucket Address: Select an OSS bucket in the same region as the custom image.
    • OSS Object Address: Set the prefix of the object name for the custom image.

      For example, if you set OSS Object Prefix to Demo, the exported image is named Demo-<Automatically generated object name>.

  7. Click OK to export the custom image. The amount of time it takes to export a custom image depends on the size of the image file and the number of concurrent export tasks in the queue. You can go to the Task Logs page in the ECS console to query the task progress by task ID or log on to the OSS console to query the task progress.

    You can cancel an image export task at any time before the task is complete. Go to the Task Logs page in the ECS console, find the task in the specified region, and then cancel the task.

What to do next

Download the custom image to your computer. For more information, see Download objects.
Note If you select the RAW image format, the default name extension of the exported custom image file is .raw.tar.gz, and the name extension of the decompressed image file is .raw. If your computer runs a Mac OS X operating system, we recommend that you use GNU Tar to decompress the image.