Purchasing a Custom ECS

You can select an appropriate billing mode based on the required duration and resource inventory to help you save costs.

This parameter is displayed only when Billing Mode is set to Pay-per-use and you have applied for the open beta test (OBT) of reserved instances. If you want to associate reserved instances (RIs) with your pay-per-use ECSs, select Associate RI and select an RI.

RIs are in the OBT phase. You can apply for OBT.

For details, see Reserved Instance Overview.

Figure 1 Reserved instance

This parameter is displayed only when Billing Mode is set to Spot pricing. You can select Spot or Spot block for Spot Type.

Figure 2 Spot type

• Spot: The price of spot ECSs fluctuates with the market. For details, see Purchasing a Spot ECS.
• Spot block: The price of spot block ECSs depends on the predefined duration. For details, see Purchasing a Spot Block ECS.

A region refers to a physical data center area where ECSs reside. For lower network latency and faster resource access, select the region nearest to your services.

• ECSs in different regions cannot communicate with each other over an intranet.
• Once ECSs are purchased, the region cannot be changed.
• When you purchase ECSs for a CloudPond edge site, the default region is the region where the edge site is located and cannot be changed.

An AZ is a physical location that uses independent power supply and networks. AZs in the same region can communicate with each other over an intranet.

This parameter is only displayed when you select By Type.

This parameter is only displayed when you select By Scenario.

The specifications vary by region and AZ. For details, see the specifications displayed on the console.

1. Select specifications.
   • Select vCPUs and memory, or enter a keyword to search for ECS specifications.

     You can search for ECS flavors when you select By Type.

   • Select ECS specifications by instance family and generation from the list.

     For details about each type, see ECS Types.

   

   • Sold-out vCPU and memory resources cannot be selected. You can select Hide sold-out specifications when purchasing ECSs.
2. Set the displayed range of specifications.
   • Only show latest generation: After this option is selected, only newly released ECS types and specifications are displayed. If this option is not selected, all ECS types and specifications available on the cloud service platform are displayed.
   • Hide sold-out specifications: After this option is selected, sold-out specifications are not displayed.

This parameter is available only when Billing Mode is set to Spot pricing and Spot Type is set to Spot.

• Automatic (Recommended): uses the pay-per-use price as the highest price you are willing to pay for a spot ECS.
• Manual: requires you to set the upper price limit for a spot ECS. The maximum price must be greater than or equal to the market price and less than or equal to the pay-per-use price.

For details, see Purchasing a Spot ECS.

This parameter is available only when Billing Mode is set to Spot pricing and Spot Type is set to Spot block.

• Predefined Duration: a duration that you specify for your spot block ECS. Prices vary depending on predefined durations.

  During the predefined duration, if your spot block ECS is automatically terminated by the system, you will not be billed for the resource usage within the predefined duration. If you delete your spot block ECS within the predefined duration, you will be billed based on the usage duration.

• Price for Each Spot Block ECS: you do not need to configure this parameter.
• (Optional) Number of Durations: This parameter is displayed only when Predefined Duration is set to 6 hours.

For details, see Purchasing a Spot Block ECS.

When using certain public images, Host Security Service (HSS) is enabled by default. HSS Basic Edition provides one-month free trial and automatically installs the HSS agent. HSS Basic Edition provides functions such as weak password and vulnerability detection.

HSS is designed to improve the overall security for ECSs. It helps you eliminate risks, defend against intrusions and web page tampering, provide advanced defense, and manage security operations.

After the one-month free trial period expires, the HSS basic edition quotas will be automatically released, and HSS will not protect your servers.

If you want to continue using HSS or upgrade HSS security capabilities, you need to purchase HSS. For details, see What Should I Do When the Free Trial of HSS Basic Edition Expires?

After ECSs are purchased, you can switch between different HSS editions on the HSS console. For details about differences among different editions, see Specifications of Different Editions.

This parameter is displayed only when the image you select is billed. It specifies a license type for using an OS or software.

Currently, you can select Bring your own license (BYOL), which allows you to use your existing OS license without the need to apply for a license again.

For more information about license types, see License Types.

This parameter is only displayed when you have applied for a storage pool on the Dedicated Distributed Storage page.

Disks are classified as EVS disks and DSS disks based on whether they use dedicated storage resources. DSS disks provide dedicated storage resources.

• DSS: disks are created using resources from the dedicated storage pool.
• EVS: disks are created using public storage resources.

• When you create disks in a DSS storage pool, the disk type must be the same as that of the requested storage pool. For example, both are of the high I/O type.
• For more information about DSS, see Dedicated Distributed Storage Service.

A system disk stores the OS of an ECS, and is automatically created and initialized once the ECS is created.

If you detach the system disk purchased when you buy a yearly/monthly ECS and want to continue using it as a system disk, you can only attach it to the original ECS. If you want to use it as a data disk, you can attach it to any ECS.

To set SCSI and Encryption for the system disk, click Advanced Options.

This parameter is only displayed when Encryption is selected in Advanced Options.

To use the encryption feature, click Create Agency first to grant EVS the permissions needed to obtain KMS keys for EVS disk encryption and decryption.

If you do not have sufficient permissions to grant EVS permissions, contact the user having the Security Administrator permissions to grant the required permissions. For details, see

The encryption parameters are as follows:

• Agency Name: specifies the name of the agency that is used to grant EVS the permissions needed to obtain KMS keys for disk encryption and decryption. When Agency Name is displayed as EVSAccessKMS, KMS permissions have been granted to EVS.
  

  To use the encryption feature, click Create Agency first to grant EVS the permissions needed to obtain KMS keys for EVS disk encryption and decryption.

  If you do not have sufficient permissions to grant EVS permissions, contact the user having the Security Administrator permissions to grant the required permissions.

• KMS Encryption: specifies how to obtain a KMS key.
  • Select an existing key: Select a KMS key from the KMS Key Name drop-down list.
  • Enter a key ID: Select a KMS key using the key ID.
• (Optional) KMS Key Name: specifies the name of the key used to encrypt EVS disks. This parameter is only displayed when KMS Encryption is set to Select an existing key.

  You can select an existing key pair, or click Create KMS Key and create a KMS key on the KMS console. The default value is evs/default.

• KMS Key ID: specifies the ID of the key used to encrypt data disks.

Data disks store user data. If you add data disks when purchasing ECSs, the system will automatically attach the data disks to the ECSs. If you purchase data disks after ECSs are purchased, you need to manually attach the data disks.

• After you attach data disks to an ECS, you need to initialize the disks before using them.
• If you detach the non-shared data disk purchased when you purchase a yearly/monthly ECS and want to attach it again, you can only attach it to the original ECS as a data disk.
• The data disks purchased when you buy a yearly/monthly ECS does not support separate renewal, unsubscription, auto-renewal, changing to pay-per-use, and deletion.

To set SCSI, Sharing, and Encryption for data disks, click Advanced Options.

Configure this parameter only when you need to back up ECSs or EVS disks.

CBR backups can help you restore data in case of any ECS failures. To ensure data security, you are advised to enable backup.

• For CBR pricing details, see How Is CBR Billed?
• Cloud Backup and Recovery is not supported for CloudPond.

This parameter is displayed only when Enable backup is selected.

Virtual Private Cloud (VPC) allows you to create logically isolated, configurable, and manageable virtual networks for ECSs. You can configure security groups, Virtual Private Network (VPNs), CIDR blocks, and bandwidths in your VPC. By default, ECSs in different VPCs cannot communicate with each other.

Figure 3 Network

You can select an available VPC from the drop-down list or create a VPC as required. By default, the system attaches a primary network interface (NIC) and specifies how a private IP address will be assigned.

For details, see VPC and Subnet Planning.

• You need to ensure that DHCP is enabled in the VPC which the ECS belongs to.
• If you want to use the shared VPC and subnet from another account, accept the resource sharing invitation first. For details, see Responding to a Resource Sharing Invitation.

  For more information about VPC subnet sharing, see VPC Sharing in the Virtual Private Cloud User Guide.

The primary NIC provides the default route and cannot be deleted. It is automatically created along with an ECS. After a VPC is specified, the system attaches a primary NIC to the ECS by default and specifies how a private IP address will be assigned.

1. Set Primary NIC: If there are multiple subnets in the VPC, you can select another subnet from the drop-down list as the primary NIC.
2. Set how an IPv4 address will be assigned. Automatically assign IP address is selected by default.
   • Automatically assign IP address: The system automatically assigns a private IPv4 address to the primary NIC.
   • Manually specify IP address: You need to manually assign a private IPv4 address to the primary NIC. Before specifying an IP address, click View In-Use IP Address to avoid address conflict.
     

     If you specify an IP address when creating multiple ECSs in a batch:

     • This IP address serves as the start IP address.
     • The required IP addresses must be consecutive and available within the subnet.
     • The subnet that contains the specified IP address cannot overlap with other subnets.
   • Use existing network interface: This parameter is only displayed when the selected VPC has available network interfaces. You can select an existing network interface from the drop-down list as the primary network interface.
3. (Optional) Set how an IPv6 address will be assigned. IPv6 not required is selected by default.

   This parameter is displayed only when the IPv6 column of the selected ECS flavor is Yes and IPv6 is enabled for the subnet.

   • IPv6 not required: No IPv6 address is allocated to the NIC.
   • Automatically-assigned IPv6 address: The system automatically assigns a private IPv6 address to the NIC.

     If Automatically-assigned IPv6 address is selected, the system assigns IPv6 addresses. In a VPC, ECSs use IPv6 addresses to access the dual-stack intranet.

     To enable an ECS to access the Internet, you need to assign a EIP shared bandwidth, and add the ECS's IPv6 address to the shared bandwidth.

     For details, see Adding EIPs to a Shared Bandwidth.

   

   • For details about how to enable IPv6 for a subnet, see IPv6 Network.
   • After creating an ECS, check whether the ECS has obtained an IPv6 address. If not, enable IPv6 so that the ECS dynamically obtains an IPv6 address. For details, see Dynamically Assigning IPv6 Addresses.

A NIC that can be separately added is an extension NIC. If you need to attach multiple NICs to an ECS, you can add multiple extension NICs and specify their IP addresses.

Extension NICs cannot communicate with external networks before you configure policy-based routes for them. For details, see Configuring Policy-based Routes for an ECS with Multiple NICs.

The number of extended NICs that can be attached to an ECS is determined by the ECS specifications. For details, see A Summary List of x86 ECS Specifications and A Summary List of Kunpeng ECS Specifications.

1. Set Extension NIC1: If there are multiple subnets in the VPC, you can select another subnet from the drop-down list as the extension NIC.
2. Set how an IPv4 address will be assigned. Automatically assign IP address is selected by default.
   • Automatically assign IP address: The system automatically assigns a private IPv4 address to the extension NIC.
   • Manually specify IP address: You need to manually assign a private IPv4 address to the extension NIC. Before specifying an IP address, click View In-Use IP Address to avoid address conflict.
   • Use existing network interface: Specify a NIC as the extension NIC. You can select a NIC from the drop-down list.
3. (Optional) Set how an IPv6 address will be assigned. IPv6 not required is selected by default.

   This parameter is displayed only when the IPv6 column of the selected ECS flavor is Yes and IPv6 is enabled for the subnet.

   • IPv6 not required: No IPv6 address is allocated to the NIC.
   • Automatically-assigned IPv6 address: The system automatically assigns a private IPv6 address to the NIC.

     If Automatically-assigned IPv6 address is selected, the system assigns IPv6 addresses. In a VPC, ECSs use IPv6 addresses to access the dual-stack intranet.

     To enable an ECS to access the Internet, you need to assign a EIP shared bandwidth, and add the ECS's IPv6 address to the shared bandwidth.

     For details, see Adding EIPs to a Shared Bandwidth.

   

   • For details about how to enable IPv6 for a subnet, see IPv6 Network.
   • After creating an ECS, check whether the ECS has obtained an IPv6 address. If not, enable IPv6 so that the ECS dynamically obtains an IPv6 address. For details, see Dynamically Assigning IPv6 Addresses.

When this function is enabled, source IP addresses in the outbound packets will be checked. If the IP addresses are incorrect, the packets will not be sent out. This function helps prevent spoofing packet attacks and improve security. By default, Source/Destination Check is enabled.

The source/destination check settings apply only to the NICs created with the ECSs.

Select an available security group from the drop-down list. You can select multiple security groups for an ECS (no more than five security groups are recommended). The access rules of all the selected security groups apply to the ECS.

When you create an ECS for the first time, the system automatically creates the following default security groups: default, Sys-WebServer, and Sys-FullAccess. For details, see Default Security Groups and Rules.

You can expand Security Group Rules to view details of inbound and outbound rules. Security group rules determine ECS access and usage. For instructions about how to configure security group rules, see Adding a Security Group Rule. Enable protocols and ports as needed. Common protocols and ports are as follows:

• Port 80: default port for web page access through HTTP.
• Port 443: port for web page access through HTTPS.
• ICMP: used to ping ECSs to check their communication statuses.
• Port 22: reserved for logging in to Linux ECS using SSH.
• Port 3389: reserved for remote desktop login to Windows ECSs.

If security groups displayed in the drop-down list do not meet your service requirements, click Create Security Group to create one.

Figure 4 Creating a security group

Parameters for creating a security group are as follows.

Click Configure Security Group Rules to modify rules of the current security group.

For details, see Configuring Security Group Rules.

You can click Security Group Rules to show or hide the security group rules.

• Selected security groups: If there are multiple security groups, you can move a security group up or down to adjust the priority.
• Security group rules: You can view inbound rules and outbound rules.

An EIP is a static public IP address bound to an ECS in a VPC. Using the EIP, the ECS can provide services externally.

The following options are provided:

• Auto assign: The system automatically assigns an EIP with exclusive bandwidth for each ECS. You can set the bandwidth.
• Use existing: An existing EIP will be assigned to an ECS. When using an existing EIP, you are not allowed to create ECSs in a batch.
• Not required: An ECS without an EIP cannot access the Internet. It can only be used to deploy services or clusters in a private network.

For a yearly/monthly ECS, Auto assign is unavailable for EIP. If an EIP is required, bind an existing EIP to the ECS. Alternatively, purchase an EIP that is billed in pay-per-use payment and then bind the EIP to the ECS.

• Dynamic BGP: If there are changes on a network using dynamic BGP, network configurations can be promptly adjusted using the specified routing protocol, ensuring network stability and optimal user experience.
• Static BGP If there are changes on a network using static BGP, network configurations cannot be promptly adjusted and user experience may be affected.

This parameter is displayed only when EIP is set to Auto assign. Each bandwidth can be used by only one EIP.

• Bandwidth: Dedicated bandwidth will be billed by size.
• Traffic: Dedicated bandwidth will be billed by traffic you have actually used.
• Shared bandwidth: The bandwidth can be used by multiple EIPs and you will be billed based on the shared bandwidth.
  

  • A bandwidth can be shared among a limited number of EIPs. If the number of EIPs cannot meet service requirements, switch to a higher shared bandwidth or apply for expanding the EIP quota of the existing bandwidth.
  • Yearly/monthly EIPs do not support shared bandwidths.
  • When a shared bandwidth that is billed on a yearly/monthly basis expires, the system automatically deletes the bandwidth configuration and creates a dedicated bandwidth billed by traffic for the EIPs sharing the deleted bandwidth configuration.

This parameter is displayed only when EIP is set to Auto assign. Select the bandwidth based on service requirements. The unit is Mbit/s.

This parameter is displayed only when EIP is set to Use existing. You can select an available EIP from the drop-down list.

The ECS Name will be the same as the initial hostname in the ECS OS.

The name can contain only letters, digits, underscores (_), hyphens (-), and periods (.).

The name of a Windows ECS can contain a maximum of 15 characters and must be unique, or some Windows applications may be unavailable.

The naming rules of hostnames comply with RFC 952 and RFC 1123.

When you set the ECS name and hostname, you are advised to use letters (a-z), digits (0-9), and hyphens (-) to prevent unknown issues. In the ECS:

• Underscores (_) will be converted to hyphens (-).
• A combination of a hyphen and underscore (-_) will be converted to a hyphen (-).
• Periods (.), hyphens (-), underscores (_), and Chinese characters at the beginning of the name will be ignored.
• If periods (.) and Chinese characters are not at the beginning, they and the content following them will be ignored.

• When you purchase multiple ECSs in batches, the system automatically appends numbers to the end of each ECS name. Custom naming is supported.
  • Automatic naming: The system automatically appends four-digit numbers to the end of each instance name, moving up in increments of 1. For example, if you enter ecs, the first instance will be named as ecs-0001, the second as ecs-0002, and so on.
  • Customizable naming: You can create a custom naming rule using the format, "name_prefix[begin_number,bits]name_suffix", where "begin_number" is a value from 0 to 9999, and "bits" from 1 to 4. For example, if you created a custom naming rule ecs[66,3]abc and created two ECSs, the system automatically names the instances ecs066abc and ecs067abc.
• Allow duplicate name: allows ECS names to be duplicate. If you select Allow duplicate name and create multiple ECSs in a batch, the created ECSs will have the same name.

This parameter is displayed only when Login Mode is set to Password.

Set Password and Confirm Password by referring to Table 13. The two values entered must be the same.

This parameter is displayed only when Login Mode is set to Key pair. You can select an available key pair from the drop-down list or create a key pair by referring to (Recommended) Creating a Key Pair on the Management Console.

If you use an existing key pair, make sure that you have saved the key file locally. Otherwise, logging in to the ECS will fail.

You can add tags to ECSs.

Tags help you easily identify and manage your ECSs. You can add up to 10 tags to an ECS.

For details, see Overview.

Tags added during ECS creation will also be added to the created EIP and EVS disks (including the system disk and data disks) of the ECS. If the instance uses an existing EIP, the tags will not be added to that EIP.

If your organization has created a tag policy for ECS, you need to add tags for ECS based on the tag policy. If a tag does not comply with the tag rules, the creation may fail. Contact the organization administrator to learn details about the tag policy.

After creating the ECS, you can view the tags on the pages providing details about the ECS, EIP, and EVS disks.

If you select certain public images, it is a good practice to use the host monitoring function. Host monitoring collects ECS OS metrics, such as CPU usage, memory usage, and network status, so that you can use these metrics to monitor resource utilization or locate a fault.

After you enable detailed monitoring, an agent will be automatically installed on the ECS to provide fine-grained monitoring of ECS metrics every minute, such as vCPUs, memory, network, disk, and process.

An ECS group applies the anti-affinity policy to the ECSs in it so that the ECSs are automatically allocated to different hosts. For instructions about how to create an ECS group, see section Managing ECS Groups.

An existing ECS attached with a local disk cannot be added to an ECS group. To use ECS group functions, select an ECS group when creating an ECS.

You can inject user data, for example, inject the OS initialization script, to ECSs during ECS creation. During the initial start of the ECS, the data will be automatically injected.

• As text: allows you to enter the user data in the text box.
• As file: enables the text to automatically inject a script file or other files into a specified directory on an ECS when you create the ECS.

For details, see Passing User Data.

When your ECS resources need to be shared with other accounts, or your ECS is delegated to professional personnel or team for management, the tenant administrator creates an agency in IAM and grants the ECS management permissions to the personnel or team. The delegated account can log in to the cloud system and switch to your account to manage resources. You do not need to share security credentials (such as passwords) with other accounts, ensuring the security of your account.

If you have created an agency in IAM, select the agency from the drop-down list. For more information about agencies, see Account Delegation.

• To configure hyper-threading for an ECS, select Specify CPU options.

  For details about hyper-threading, see Enabling or Disabling Hyper-Threading.

• Set Threads per Core.

  This parameter is displayed when Specify CPU options is selected. You can select a parameter value from the drop-down list.

  • 1: one thread per core, which means hyper-threading is disabled.
  • 2 (default value): two threads per core, which means hyper-threading is enabled.

This parameter is displayed only when Billing Mode is set to Yearly/Monthly. It specifies the ECS required duration, from 1 month to 1 year.

This parameter is displayed only when Billing Mode is set to Yearly/Monthly.

For details about auto-renewal, see Auto-Renewal Rules.

This parameter is displayed only when Billing Mode is set to Pay-per-use or Spot pricing. If you select Set scheduled deletion time and set a time, the ECS will be automatically deleted when the time is reached.

After you set a scheduled deletion time, the system automatically deletes the ECS at the specified time. Back up data in advance.

The scheduled deletion time must be at least 1 hour from the current time but not more than 3 years from now. You can change the scheduled deletion time before the instance is deleted.

The system executes the scheduled deletion task every 5 minutes and stops the billing after the ECS is deleted.

You can set how many ECSs to be created in a batch. ECSs created in a batch have the same configurations.

The remaining number of ECSs you are allowed to create is displayed. To ensure effective resource usage, an upper limit is set on the ECSs to be created. If the number of ECSs you need exceeds the upper limit, increase quota.

You can set the following at the bottom of the purchase page:

• When Billing Mode is set to Yearly/Monthly, you can set quantity and required duration.
• When Billing Mode is set to Pay-per-use or Spot pricing, you can set quantity.

After the setting is complete, you can hover over the price to view billing items. If you have any question about the price, click Pricing details.