Updated on 2024-05-20 GMT+08:00

Creating an ECS at an edge site

This section describes how to create an ECS on the CloudPond management console.

Basic Settings

  1. Select a region.

    The default region for CloudPond is the region where the edge site is located. The region cannot be changed.

  2. Select a billing mode.

    Currently, only pay-per-use is supported.

  3. Select an AZ.

    The default AZ for CloudPond is an edge AZ. The AZ cannot be changed.

  4. Select a CPU architecture.
    • x86: The X86-based CPU architecture uses Complex Instruction Set Computing (CISC). Each instruction can be used to execute low-level hardware operations, and the length of each instruction is different. Therefore, the number of instructions is large and they are complex. The execution of such an instruction is complex and time-consuming.
    • Kunpeng: The Kunpeng-based CPU architecture uses Reduced Instruction Set Computing (RISC). RISC is a microprocessor that executes fewer types of computer instructions but at a higher speed than CISC. RISC simplifies the computer architecture and improves the running speed. Compared with the x86-based CPU architecture, the Kunpeng-based CPU architecture has a more balanced performance and power consumption ratio. Kunpeng features high density, low power consumption, high cost-effectiveness.
  5. Select a flavor.

    The cloud service platform provides various ECSs for you to select based on application scenarios. You can choose from existing ECS types and flavors in the list. Alternatively, you can enter a flavor or specify vCPUs and memory size to search for the flavor suited to your needs.

    • When purchasing an ECS, sold-out vCPU and memory resources cannot be selected. You can select Hide sold-out specifications to hide specifications that have been sold out.
  6. Select an image.
    • Public images

      A public image is a standard, widely used image. It contains an OS and preinstalled public applications and is available to all users. If a public image does not contain the application environments or software you need, you can use the public image to create a cloud server and then deploy required software as needed.

    • Private images

      A private image is an image available only to the user who created it. A private image contains an OS, preinstalled public applications, and a user's private applications. When you use a private image to create an ECS, you need much less time to configure the ECS.

      For instructions about how to create a private image, see Creating a Private Image.

    • Shared images

      A shared image is a private image shared by another user.

    • Marketplace images

      A Marketplace image is a third-party image that has an OS, application environment, and software preinstalled. You can use marketplace images to deploy websites and application development environments with a few clicks. No additional configuration is required.

      If you use a Marketplace image, after you click Marketplace image, the system displays Marketplace images for you to choose from. For example, if the image product is name1 (test_001), name1 is the image name, and test_001 is the product name. You can search for your desired Marketplace image by image name or product name. Alternatively, you can click the image name to view more information about the image.

  7. (Optional) Set Protection.

    When using certain public images, you are advised to use Host Security Service (HSS) to improve the overall security for ECSs. HSS is designed to improve the overall security for ECSs. It reduces intrusion risks with asset management, vulnerability management, intrusion detection, and baseline inspection functions.

    Select one of the following options:
    • HSS basic edition (free): provides HSS basic edition (1-month free trial), account cracking protection, weak password detection, and malicious program detection.

      After the free trial period expires, the HSS basic edition quotas will be automatically released, and HSS will not protect your servers.

      If you want to retain or upgrade HSS security capabilities, you are advised to purchase HSS. For details, see Editions and Features.

      This option is selected by default.

    • None: Select this option if you do not need security protection.

    After you select an HSS edition, the system automatically installs the HSS agent, enables account cracking prevention, and offers host security functions.

    HSS provides basic, enterprise, premium, and WTP editions. Switch between these editions on the HSS management console. For details about the differences between versions, see Editions.

  8. Set the system disk and data disks

    You can create multiple data disks for an ECS and configure functions for each data disk. When creating an ECS, you can add up to 23 data disks to the ECS. The disk size can be customized. You can select Release with ECS based on service requirements. After an ECS is created, you can add up to 23 VBD disks or 59 SCSI disks to it.

    Click Show and set the following functions if required:

    • SCSI: If you select this option, the device type of the data disk is SCSI. For more information about SCSI disks and supported ECSs, see Device Types and Usage Instructions.
    • Share: If you select this option, the data disk is sharable. Then, your disk can be attached to multiple ECSs. Shared disks will not be released with ECSs.
    • Create Disk from Data Disk Image: If you have created a data disk image on the Image Management Service page, when using a Windows or Linux image to create an ECS, you can use the data disk image to create data disks for the ECS.

      Click Create Disk from Data Disk Image. In the dialog box that is displayed, select your data disk image.

      • One data disk image can be used only for one data disk.
      • When you use a data disk image to create a disk, SCSI, Share, and Encryption are unavailable.
      • For instructions about how to create a data disk image, see Image Management Service User Guide.
  9. Click Next: Configure Network.

Network Settings

  1. Set the network.

    Select an available VPC and subnet from the drop-down list and specify how a private IP address will be assigned. If no VPC is available, click Create VPC to create one.

  2. (Optional) Add an extension NIC. You can add multiple extension NICs to an ECS and specify IP addresses for them (including primary NICs).
    • IPv6 not required/Automatically-assigned IPv6 address: This parameter is available only if the ECS is of specific flavors and in a VPC with IPv6 enabled. For details about how to enable IPv6 on a subnet, see IPv4 and IPv6 Dual-Stack Network. For details about how to check whether an ECS supports IPv4 and IPv6 dual stack, see "Constraints" in Dynamically Assigning IPv6 Addresses.

      By default, the system assigns IPv4 addresses. If you select Automatically-assigned IPv6 address, the system assigns IPv6 addresses. In a VPC, an ECS uses an IPv6 address to access the dual-stack intranet. To access the Internet, you must enable IPv6 Bandwidth and select a shared bandwidth. The HECS X instance then can access the IPv6 Internet through the IPv6 address.

      After purchasing an ECS, enable IPv6 so that the ECS dynamically obtains an IPv6 address. For details, see Dynamically Assigning IPv6 Addresses.

      • IPv6 can only be enabled during instance creation. Once enabled, the configuration cannot be modified. If IPv6 Bandwidth is not enabled during instance creation, you can enable it after the instance is created.
      • Dedicated bandwidth is not supported.
    • Set Source/Destination Check.

      When this function is enabled, source IP addresses in the outbound packets will be checked. If the IP addresses are incorrect, the packets will not be sent out. This function helps prevent spoofing packet attacks and improve security. By default, Source/Destination Check is set to ON.

      The source/destination check settings apply only to the NICs created with the ECS.

  3. Specify Security Group.

    Select an available security group from the drop-down list. If no security group is available, create a security group and configure a security group rule first.

  4. Set EIP.

    An EIP is a static public IP address bound to a cloud server in a VPC. Using the EIP, the cloud server provides services externally.

    You can select one of the following options as needed:

    • Do Not Use: Without an elastic IP address, the ECS cannot access the Internet and is used only in the private network or cluster.
    • Automatically assign: An EIP that uses shared bandwidth is automatically assigned to each node.

      Bandwidth Name: Select an available shared bandwidth from the drop-down list. If no shared bandwidth is available, click Buy Shared Bandwidth to apply for one. For details, see Assigning a Shared Bandwidth.

    • Use existing: An existing EIP will be assigned to the cloud server. When using an existing EIP, you cannot create ECSs in batches.
  5. Click Next: Configure Advanced Settings.

Advanced Settings

  1. Set ECS Name.

    The ECS name can contain only letters, digits, underscores (_), hyphens (-), and periods (.).

    If multiple ECSs are purchased at a time, the system automatically sequences these ECSs. For example, if you enter ecs, the ECS names will be ecs-0001, ecs-0002, ...

    Allow duplicate ECS names: allows ECS names to be duplicate. If you select Allow duplicate ECS names and create multiple ECSs in a batch, the created ECSs will have the same name.

    The name of a Windows ECS can contain a maximum of 15 characters and must be unique. Otherwise, some Windows applications cannot be used.

    The ECS Name set in this step will be the initial host name in the ECS OS.

    Consecutive periods (.) or hyphens (-) will be replaced with the first character to prevent unknown issues.

  2. Set Login Mode.

    Key pair is recommended because it is more secure than Password. If you select the password-based authentication, ensure that the password meets the strength requirements listed in Table 1 to prevent malicious attacks.

    • Key pair

      If you select Key Pair, a key pair will be used for ECS login authentication. You can select an existing key pair, or click Create Key Pair and create a desired one.

      If you use an existing key pair, make sure that you have saved the key file to a local directory. Otherwise, logging in to the ECS will fail.

    • Password

      A username and its initial password will be used for cloud server login authentication.

      The initial password of user root is used to authenticate Linux ECSs, while that of user Administrator is used to authenticate Windows ECSs.

      The passwords must meet the requirements described in Table 1.

      Table 1 Password complexity requirements

      Parameter

      Rule

      Password

      Consists of 8 to 26 characters.

      Must contain at least three of the following character types:
      • Uppercase letters
      • Lowercase letters
      • Numbers
      • Special characters for Windows ECSs: $! @ % - _ = + []:./,?
      • Special characters for Linux ECSs: ! @ % - _ = + []:./^,{}?

      The password cannot contain the username or the username spelled backwards.

      For Windows servers, the password cannot contain more than two consecutive characters of the username.

      For a Windows ECS, the password cannot start with a slash (/).

    • Set the password after creating the ECS.

      The password for logging in to the ECS is not configured during the ECS creation. After the ECS is created, select Reset Password in the Operation column, set a password for the ECS as prompted, and log in to the ECS.

  3. Configure Cloud Eye.

    If you select certain public images, it is a good practice to use the host monitoring function. Host monitoring collects ECS OS metrics, such as CPU usage, memory usage, and network status, so that you can use these metrics to monitor resource utilization or locate a fault.

    Enable Detailed Monitoring. After you enable this function, the system will automatically install an agent on the ECS to provide 1-minute detailed monitoring for your ECS.

    For details about the monitoring metrics after the agent is installed, see OS Monitoring Metrics Supported by ECSs with the Agent Installed.

  4. (Optional) Set an ECS group.

    This parameter is optional. ECSs in an ECS group are created on different hosts based on the anti-affinity policy or fault domain policy. For details about how to create an ECS group, see Managing ECS Groups.

  5. To use functions listed in Advanced Options, select Configure now. Otherwise, do not select it.
    • User Data

      Enables the ECS to automatically inject custom instance data when the ECS starts for the first time. This configuration is optional. After this function is enabled, the ECS automatically injects data during its first startup.

      • As text: allows you to enter the user data in the text box.
      • As file: allows you to inject a script or other files when you create an ECS.

      For example, if you activate user root permission using script data injection, you can log in to the ECS as user root.

      For details, see Passing User Data to ECSs.

    • Tag

      Identifier of the ECS. This parameter is optional. Tags help you easily identify and manage your ECS resources. You can add up to 10 tags to an ECS.

      Tags added during ECS creation will also be added to the created EIP and EVS disks (including the system disk and data disks) of the ECS. If the instance uses an existing EIP, the tags will not be added to that EIP.

      If your organization has created a tag policy for ECS, you need to add tags for instances based on the tag policy. If a tag does not comply with the tag rules, the creation may fail. Contact the organization administrator to learn details about the tag policy.

      After creating the ECS, you can view the tags on the pages providing details about the ECS, EIP, and EVS disks.

      For detailed operations, see Tags.

    • Agency

      This parameter is optional. When your ECS resources need to be shared with other accounts, or your ECS is delegated to professional personnel or team for management, the tenant administrator creates an agency in IAM and grants the ECS management permissions to the personnel or team. The delegated account can log in to the cloud system and switch to your account to manage resources. This way, you do not need to share security credentials (such as passwords) with other accounts, ensuring the security of your account.

      If you have created an agency in IAM, select the agency from the drop-down list. For more information about agencies, see Account Delegation.

  6. Click Next: Confirm.

Confirming Configurations

  1. Check whether the basic, network, and advanced configurations of the ECS meet service requirements.
  2. Set usage duration.

    Back up data before you set the scheduled deletion time.

  3. Quantity: sets the number of ECSs to be purchased.

    The maximum number of ECSs you are allowed to purchase is displayed.

  4. Read the agreement and select the Agreement option.
  5. Confirm the configuration and click Submit.

    After an ECS is created, it starts by default.