Log In to Continue

Please fill the correct email

If you haven't signed up, please do so by filling out the form on the right → Please sign up for the webinar.

Academy Day - Session 2 - Alibaba Cloud Elastic Compute Service (ECS)

Thursday, Mar. 5, 2020 | 10:20 AM - 11:20 AM UTC+8:00

Academy Day Online Conference-2-Alibaba Cloud Elastic Compute Service.pdf
View More

Overview

Alibaba Cloud Academy Day Online Conference is a free, one-day online conference that helps you familiarize with our core products through step-by-step best practices and technical demos by our experts. This event is ideal for IT leaders, technical decision-makers, and developers who want to develop their strategic roadmap for digital transformation by taking advantage of Alibaba Cloud's latest technology.

Academy Day will be held on Mar. 5th, 2019, featuring seven handpicked sessions based on the courses and certifications by Alibaba Cloud Academy. Join us to explore what's possible with Alibaba Cloud.

Topics

Session Two: Secure and Fast - Alibaba Cloud Elastic Compute Service (ECS)

Virtual machines are the fundamental building block of cloud services, and Alibaba Cloud takes its VMs to new heights with Elastic Compute Service (ECS). Master ECS in this comprehensive webinar, where we’ll talk about everything from backup policy to automatic scaling and health checks.
**

All Sessions of Academy Day

Time (UTC+08) Topic Speaker
09:30 - 10:20 Alibaba Cloud Product Overview Christopher Potts
10:20 - 11:20 Secure and Fast - Alibaba Cloud Elastic Compute Service (ECS) Jeremy Pedersen
11:20 - 12:30 Database on Cloud - Migrate to Alibaba Haimo Liu
14:00 - 14:50 Stable and Robust - Network and Security Jade Huang
14:50 - 15:50 Building a Cloud-Native application on Alibaba Cloud Zhang Yan
15:50 - 16:50 How to use Alibaba Cloud Data warehouse--DataWorks & MaxCompute Derek Meng
16:50 - 17:30 Alibaba Cloud Pricing, Support, and Getting Started Wei Tong

Speaker(s)

  • Jeremy Pedersen, Solution Engineer II, Alibaba Cloud Intelligence

    A passionate technologist who is excited about the opportunities created when small and medium-size businesses embrace the cloud. Jeremy holds a Masters in Computer Vision and currently is helping customers outside China understand and make use of Alibaba Cloud’s platform.

QA section

  • 1. Q: if my application is just to have a website with postgresql database that can host .net core, is ecs or other product suitable? i did create an aliyun instance but not sure how to start

    A: Yes ECS will work fine for this. I recommend you use RDS to run your PostgreSQL database though: it's always a good practice to separate your application and database. This gives you a lot more flexibility in the future as you upgrade and scale your application.

  • 2. Q: Each zone represents certain physical data center location, right? So when choosing an alternate zone, our preference is to choose the one with the lowest latency to our existing zone and having the lowest latency for access from certain country (outside the region). How do we get this information (latency for different zones) to be able to choose the best zone for our servers?

    A: Yes, each zone represents a physical datacenter, with its own independent power supply and network connections. All of the zones within a region are far enough apart that they are physically isolated for disaster tolerance, but they are close enough together that network latency is very low. Unless your application is very time sensitive, you should be able to select *any other zone* within a region as a backup zone for your primary zone, without affecting performance. The really important thing is to choose a *region* which is close to your end users. https://www.alibabacloud.com/help/doc-detail/123712.htm

  • 3. Q: Is it possible to load customized Windows OS into the cloud as a template?

    A: Great question! We do support loading custom virtual machine images on Alibaba Cloud, here’s an article on how it’s done: https://www.alibabacloud.com/help/doc-detail/25464.htm However, I’m not sure Windows licensing would allow you to do this legally.

  • 4. Q: Does Alibaba provide feature for dedicated physical cloud for customer? i.e for deploying VMware

    A: Yes! There are two different ways to get access to dedicated hardware on Aibaba Cloud. The first is DDH (Dedicated Host), where we provide you a dedicated physical machine that is isolated from other tenants, but still includes our virtualization layer. This way, you can launch your ECS instances (VMs) on top of a physical server you control The second is EBM (Elastic Bare Metal). This is a physical machine that does *not* include our virtualization stack. This means you can install your own virtualization tools, such as VMWare, ZStack, or OpenStack. This is the best option if you want to lift-and-shift your entire VMWare stack to the cloud. However, if you are hoping to take advantage of the flexibility of the public cloud, it's probably a better idea to simply use our migration tool to convert each of your VMWare VMs into a machine image that can be run directly on ECS. Instructions here: https://www.alibabacloud.com/help/doc-detail/100916.htm

  • 5. Q: To which storage the snapshot is being stored?

    A: Snapshots are stored inside OSS (Object Storage Service) but the OSS bucket they are stored in - although bound to your account and not accessible to anybody else - is not accessible via the console. So, snapshots are stored in OSS but in a way that is transparent to users.

  • 6. Q: may I allow/deny inbound/outbound TCP port for EIP, just as what securiity groups do for ECS instance private IP?

    A: Yes you can. Security Group rules can be used to set inbound/outbound rules for TCP/UDP and ICMP traffic passing through an EIP. :)

  • 7. Q: is the VPC region must same with the ECS region? Does is has any connection in between?

    A: A VPC is a region-level concept. A VPC group in Beijing cannot include cloud resources you set up in another region such as Shanghai. However, a VPC *can* span multiple zones within a region. So our Beijing VPC could include ECS instances or RDS database instances in Zones A, B, or C. They could all share one VPC group.

  • 8. Q: How to know which Zone to select?

    A: Typically you would choose a region closest to your and/or your customers to reduce latency. Zones, unlike Regions, are physical areas with independent power grids and networks within ONE Region. Therefore, you should expect similar performance from all Zones of a particular Region https://www.alibabacloud.com/help/doc-detail/123712.htm

  • 9. Q: what is zone g, zone H ....?

    A: Each Alibaba Cloud region (a geographical area, such as Hong Kong or Beijing) consists of multiple "Zones". Most regions will have at least two zones. A "zone" is a physically independent datacenter hosted somewhere within the region. Smaller regions will have 2-3 zones (datacenters). Large regions like Hangzhou or Beijing can have up to 6 or 7 zones. Each zone has a name, typically we start the naming from the letter "A" and just go sequentially through the alphabet. So a big region (like Beijing) would have: - Zone A - Zone B - Zone C ... - Zone F

  • 10. Q: May I know why it doen'st use public/private key to access the ECS instance? Using root seems kind of not so secured.

    A: Good question. I used a password for the demo because it was a little faster and easier, but you should *never* do this inproduction: always use an ECS key. As you saw in the second half of my webinar, it's easy to create an SSH key pair on Alibaba Cloud from the "SSH keys" part of the ECS console. I recommend you do that whenever running a production workload. As for why the defualt login is "root", I don't think I can give you a satisfactory answer via Q&A, it's a complex issue and there are a lot of (very strong) opinions in the Linux community around why it's OK (or not OK) to log in as root. I'll underscore that Alibaba Cloud's security team made this decision, and they have been successfully running very large, high-security workloads on ECS for years with no trouble. So this choice has stood the test of time.

  • 11. Q: Hi, I missed some part of the talk. But may i know the difference between using EIP and using snapshot of of ECS instances to create a new instances? (new instance should inherit the old public IP address of old instance right?)

    A: New instances **do not** inherit the public IP of the old isntance. This is exactly why it's important to use an EIP if you want to create a new instance with the *same* public IP as your previous instnace. Further, if you shut an ECS instance down and boot it up later (say, the next day), you will find that you have a new, different public IP. Because public IPs are a limited resource, they are "reclaimed" from non-running instances. This does not apply to Elastic IPs, which is why it's a good idea to use one if you plan to shut down an ECS instance or migrate services into a different ECS instance. Note: you *can* avoid the "lose my IP address at shutdown" behavior by choosing to continue paying for your ECS instance while it's off, but this is quite an expensive way to retain your IP address.

  • 12. Q: Does all the new instances created with template have the same hostname? ex. Best-Practice..

    A: Unless you modify the hostname at creation time, then yes. All our instances use cloud-init scripts to set system settings at boot time, so you can easily override whatever host name was set in the image.

  • 13. Q: what is security enhancement checkbox in the ECS screen?

    A: This automatically installs Alibaba Cloud's "Server Guard" tool on the instance. This tool does things like monitor logs for malicious activity, like attempts to brute-force passwords or install webshells.

  • 14. Q: Another question I have is during the signup for ECS stage, there is an option to subscribe for a backup disc. Will this backup disc be used automatically for snapshot so I so I won't be billed for every snapshot I store?

    A: If you check the "Disk Backup" box, a little menu area will appear which allows you to set up an automatic snapshot policy. This will automatically take periodic snapshots of your ECS instance's system disk. It will be charged for, in the same way that regular snapshots are charged.

  • 15. Q: What is the recommended method to backup sql server database on Windows server if we want to have backup run every 4 hours? 1) Write backup every 4 hours to a separate backup Windows drive and configure snapshot to run every 4 hours on that disk, say 1 hour after the backup time? or 2) Write backup every 4 hours to Object Simple Storage (OSS)? If we want to keep monthly database backup for long term (e.g. 7 years) while daily backups only 1 month, which method (1 or 2, or something else) should we use?

    A: This is a more complex use-case, and I'm sorry to say I'm not very familiar with MS SQL Server. If you are using our RDS database service, then it has its own built-in backup methods which I think can take care of periodic backup for you. You can set automatic backup policies which are similar to the ECS snapshot policy. If you wanted to install MS SQL yourself on an ECS instance, then backing up to OSS is going to be the cheapest and best long-term option (cheaper than full disk snapshots) but it will require some scripting work on your part, to copy your backups over to OSS using a utility such as "ossutil". I would look at using Alibaba Cloud RDS first. If it doesn't meet your needs, then consider installing MS SQL directly on ECS, and use OSS for long term backup retention. If that turns out to be too difficult, then as a very last "plan C" backup, you could back up to a secondary disk mounted on the Windows instance, and make snapshots of that disk.

  • 16. Q: I have an ECS booted up from an image which is created from a snapshot. Now the ECS instance is in production. How can I delete the snapshot now? I think it gets locked with the image ?

    A: You can't. Images can only be deleted if there are *no* ECS instances using that image as the basis for their system disk. Meaning you'd have to delete your ECS instance in order to delete the image.

  • 17. Q: is this something like container service?

    A: Alibaba Cloud ECS is different from our Container Service (Docker) and Kubernetes. To learn more, please visit https://www.alibabacloud.com/product/container-service or https://www.alibabacloud.com/product/kubernetes

  • 18. Q: The webinars will be availaibles on the website after the academy day?

    A: Yes, all webinar replays will be posted on the website at https://www.alibabacloud.com/campaign/academy-day/academy-day-online Find your preferred session and click on "Watch Replay" to start the replay.

  • 19. Q: how many nic card can add to vm

    A: It depends on the instance type. Larger instances can quite a few NICs. For instance the ecs.g6.26xlarge type can have up to 32 network interfaces. See details here: https://www.alibabacloud.com/help/doc-detail/25378.htm#g6

  • 20. Q: Can we get the deck?

    A: Yes, we will be posting the presentation slides at the end of each session. Please re-visit your preferred section after it ends to find the slides.

  • 21. Q: Elastic IP for AWS is free, but for Aliyun, there is a need to pay for it, isn't it?

    A: Yes that's correct, you pay for Elastic IP addresses on Alibaba Cloud. There's a fee for reserving public IPv4 addresses because they are a limited resource. If I recall correctly, AWS charges only for Elastic IP addresses which are not attached to a *running* instance, in order to discourage people from hoarding them. Alibaba Cloud chooses to charge for EIPs on a regular basis regardless of whether they are attached to a running instance or not. That said, the cost for an EIP is relatively low.

  • 22. Q: Do I need to stop the ECS before making the snapshot? I had experienced some of the latest updates/upgrades not being included in the snapshot when I rolled back but if I were to stop the ECS before making the snapshot, then it is up to date. Is that a bug? Or it is meant to be like this

    A: You *can* take a successful snapshot while an ECS instance is running, but it's always a better idea to do it while the instance is off, as you've noticed. ^_^

  • 23. Q: is there any tutorial available for practice to create VM instances, VPC , storage...etc ..

    A: Yes, we do actually! You may start off by checking out our Quick Start Guide https://www.alibabacloud.com/help/doc-detail/63819.htm For more advanced users, you may also explore some tutorials written by our community members at https://community.alibabacloud.com/tags/type_blog-tagid_28404/

  • 24. Q: Video rerun of this please?

    A: Hi there, all webinar replays will be posted on the website at https://www.alibabacloud.com/campaign/academy-day/academy-day-online Find your preferred session and click on "Watch Replay" to start the replay.

  • 25. Q: Hi can I get the deck slides?

    A: Yes, we will be posting the presentation slides at the end of each session. Please re-visit your preferred section after it ends to find the slides.

  • 26. Q: can we use the same certificate of instances in Auto Scaling group? do we need to add EIP to all instances in Auto Scaling group?

    A: When you are using Auto Scaling groups, the best practice is to use an SLB (server load balancer) to distribute connections out to the instances in the scaling group. In this case, you would bind your EIP to the SLB, and your ECS instances wiould *not need* public internet access. They will communicate with the SLB over Alibaba Cloud's internal network (the VPC network), and the SLB instance will then use the EIP to communicate with the outside world.

  • 27. Q: GIVE ME A FREE INSTANCE SO I CAN LEARN YOUR SERVICES I CANT USE YOUR FREE PLAN

    A: I don't have the authority to do this. When did you sign up? If you signed up on alibabacloud.com recently and do not have multiple accounts to your name, you should be able to use our coupons. If you need help with the coupons, contact support by submitting a ticket through the console. Here's the link: https://workorder-intl.console.aliyun.com/#/ticket/createIndex

Load More QA

Sign Up Now

Log in with your Alibaba Cloud account to sign up for this webinar.

Or fill out the form below to sign up.

Thank you for signing up. Sign up for Other Users

Sign Up for the Webinar