From 6d63e43c601c80059c914cbcbbc5847d393ae6a5 Mon Sep 17 00:00:00 2001 From: wb-fwf655537 Date: Tue, 28 Nov 2023 18:17:52 +0800 Subject: [PATCH] Added the solution template: iot-platform-device-data-on-the-cloud.yaml --- README-CN.md | 129 ++-- README.md | 129 ++-- ...iot-platform-device-data-on-the-cloud.yaml | 565 ++++++++++++++++++ 3 files changed, 695 insertions(+), 128 deletions(-) create mode 100644 solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml diff --git a/README-CN.md b/README-CN.md index 69a3d325..ca60ea42 100644 --- a/README-CN.md +++ b/README-CN.md @@ -295,72 +295,73 @@ ROS 模板的示例和最佳实践。模板分类如下:
solutions -| 模板 | 说明 | -| ---- | ---- | -| [backup-recovery/application-business-migration.yml](./solutions/backup-recovery/application-business-migration.yml) | 同地域跨可用区容灾的解决方案2.0,介绍单可用区到跨可用区的迁移及切换演练,以模拟wordpress应用服务为例,帮助客户更清晰地了解方案架构;切换演练需要手动到对应产品的控制台操作,此模版配合单可用区应用搭建完成应用业务迁移。 | -| [backup-recovery/cross-the-available-zone-disaster.yml](./solutions/backup-recovery/cross-the-available-zone-disaster.yml) | 本文介绍同城跨区域容灾演练的基本操作步骤,以云市场镜像Magento电子商务系统镜像搭建电商网站环境。 | -| [backup-recovery/cross-the-available-zone-epidemic-control.yml](./solutions/backup-recovery/cross-the-available-zone-epidemic-control.yml) | 本文介绍同城跨区域容灾演练的基本操作步骤,以快速搭建疫情护航应用基础服务为例。在建立云上稳定性保障的基础上实现了疫情护航项目部署方案。 | -| [backup-recovery/deploy-the-rds-environment.yml](./solutions/backup-recovery/deploy-the-rds-environment.yml) | 在以往的数据库异地备份方案中,往往采用本地备份压缩后上传异地的方式来做,不便于整个备份集的管理,对于历史备份数据,随着时间间隔的增大,被查询的可能性越来越低,一视同仁会浪费一定的存储资源。目标:追求经济的数据库的备份方案,低时间成本查询数据集需求。 | -| [backup-recovery/self-built-elastic-search-snapshot-saved-to-oss.yml](./solutions/backup-recovery/self-built-elastic-search-snapshot-saved-to-oss.yml) | 本文介绍如何通过快照的方式,将快照数据安全备份到阿里云OSS存储空间及如何将备份在OSS的快照仓库恢复到阿里云ElasticSearch实例。 | -| [backup-recovery/single-available-zone-building-application.yml](./solutions/backup-recovery/single-available-zone-building-application.yml) | 同地域跨可用区容灾的解决方案2.0,介绍单可用区到跨可用区的迁移及切换演练,以模拟wordpress应用服务为例,帮助客户更清晰地了解方案架构;切换演练需要手动到对应产品的控制台操作,此模版完成单可用区应用搭建。 | -| [backup-recovery/zero-loss-of-trading-system-data.yml](./solutions/backup-recovery/zero-loss-of-trading-system-data.yml) | 中小型公司交易系统数据零丢失最佳实践 - 云上环境部署。 | -| [bioscience/bcs-3rd-generation-gene-sequence-data-assembly.yml](./solutions/bioscience/bcs-3rd-generation-gene-sequence-data-assembly.yml) | 本文介绍如何基于批量计算服务提供的WDL-Canu解决方案,进行三代基因组组装的最佳实践。 | -| [cloud-market/deploy-high-availability-architecture-to-the-cloud.yml](./solutions/cloud-market/deploy-high-availability-architecture-to-the-cloud.yml) | 在两个可用区下创建多种资源并组合使用,达到高可用的通用产品上云部署的架构效果。 | -| [cloud-market/deploy-small-architecture-to-the-cloud.yml](./solutions/cloud-market/deploy-small-architecture-to-the-cloud.yml) | 在单个可用区下创建多种资源并组合使用,达到小型的通用产品上云部署的架构效果。 | -| [cloud-market/elastic-ha-architecture-to-the-cloud.yml](./solutions/cloud-market/elastic-ha-architecture-to-the-cloud.yml) | 利用弹性伸缩组和阿里自研云数据库POLARDB,在两个可用区下创建多种资源并组合使用,达到高可用并具备弹性的通用产品上云部署的架构效果。 | -| [compute-nest/compute-nest-on-premises-solution-sag.yml](./solutions/compute-nest/compute-nest-on-premises-solution-sag.yml) | 计算巢的云下服务上云能力实现,可以保证云服务商的云下服务能力上云,通过集成SAG、CCN、CEN、VPC、ECS等云产品,自动化实现云下网络同云上VPC互联,天然跟计算巢当前的虚拟互联网融合,通过终端节点的方式提供给跨VPC、跨用户访问云下服务的能力。 | -| [container-micro-service/spring-cloud-cloud-native-migration.yml](./solutions/container-micro-service/spring-cloud-cloud-native-migration.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,使用ECS和ACK托管版等资源搭建Spring Cloud的架构参考示例,方便用户在阿里云上部署和迁移Spring Cloud应用。 | -| [container-micro-service/spring-cloud-hostingack-service.yml](./solutions/container-micro-service/spring-cloud-hostingack-service.yml) | 无需改造即可迁移,应用间的调用都是原来的方式;平滑迁移,迁移成本小;kubernetes天然适合微服务框架;充分利用kubernetes的弹性,满足应用弹性扩容需求;容器化后,资源利用率获得极大提升。 | -| [data-analysis/existing-vpc-cluster-flink.yml](./solutions/data-analysis/existing-vpc-cluster-flink.yml) | 本文介绍了在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Flink),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Flink版本是1.10.2,访问UI界面需要安全组配置8081端口入规则。 | -| [data-analysis/existing-vpc-cluster-hdfs.yml](./solutions/data-analysis/existing-vpc-cluster-hdfs.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Hadoop HDFS),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,访问管理界面需要安全组配置50070端口入规则。 | -| [data-analysis/existing-vpc-cluster-hive.yml](./solutions/data-analysis/existing-vpc-cluster-hive.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Hive),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,Scala版本是2.12.1,Spark版本是2.1.0,Hive版本是2.3.7,访问Spark管理界面需要安全组配置8080端口入规则,访问Hive管理界面需要安全组配置10001端口入规则。 | -| [data-analysis/existing-vpc-cluster-map-reduce.yml](./solutions/data-analysis/existing-vpc-cluster-map-reduce.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Hadoop MapReduce),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,访问YARN管理界面需要安全组配置8088端口入规则,访问HDFS管理界面需要安全组配置50070端口入规则。 | -| [data-analysis/existing-vpc-cluster-spark.yml](./solutions/data-analysis/existing-vpc-cluster-spark.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Spark),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,Scala版本是2.12.1,Spark版本是2.1.0,访问管理界面需要安全组配置8080端口入规则。 | -| [data-analysis/existing-vpc-cluster-storm.yml](./solutions/data-analysis/existing-vpc-cluster-storm.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Storm),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Storm版本是2.2.0,Zookeeper版本3.6.2,访问UI界面需要安全组配置允许入方向8081端口。 | -| [data-analysis/existing-vpc-cluster-yarn.yml](./solutions/data-analysis/existing-vpc-cluster-yarn.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Hadoop YARN),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,访问YARN管理界面需要安全组配置8088端口入规则,访问HDFS管理界面需要安全组配置50070端口入规则。 | -| [data-analysis/low-cost-offline-big-data-analysis-emr.yml](./solutions/data-analysis/low-cost-offline-big-data-analysis-emr.yml) | 本方案利用ROS创建EMR以及日志服务LOG、对象存储OSS等产品资源,结合手动操作电商网站日志埋点采集存储投递并利用EMR进行日志消费分析,来展示构建弹性低成本的离线海量日志大数据分析的最佳实践。 | -| [data-analysis/low-cost-offline-big-data-analysis.yml](./solutions/data-analysis/low-cost-offline-big-data-analysis.yml) | 本模板可以帮助用户搭建以抢占式ECS实例及对象存储为基础的云上离线大数据分析系统平台,并提供完整的demo演示,可供客户以及一线业务架构师进行PoC测试验证。 | -| [data-analysis/sls-multi-cloud-log-processing-analysis.yml](./solutions/data-analysis/sls-multi-cloud-log-processing-analysis.yml) | 从第三方云平台或线下IDC服务器上采集日志写入到阿里云日志服务,通过日志服务进行数据分析,帮助提升运维、运营效率,建立 DT 时代海量日志处理能力。 | -| [data-migration/low-cost-link-to-business-data.yml](./solutions/data-migration/low-cost-link-to-business-data.yml) | 本实践适用于提供业务数据搬迁上云服务。业务数据量一般都比较大,迁移上云需要大量的网络带宽,BGP费用比较高。 阿里云对用户开放所需地域购买静态单线共享带宽包的权限(移动/联通/电信均可),可用为迁移数据有效降低成本。 | -| [data-migration/self-built-hive-data-warehouse-migrated-to-emr.yml](./solutions/data-migration/self-built-hive-data-warehouse-migrated-to-emr.yml) | 本方案利用ROS创建自建Hadoop集群的数据迁移到阿里云自建Hadoop或者EMR。 | -| [database/polardb-migration-from-rds.yml](./solutions/database/polardb-migration-from-rds.yml) | 解决RDS MySQL或自建MySQL遇到的性能或容量瓶颈,迁移上下PolarDB链路打通。 | -| [database/deploy-mysql-based-on-ebs.yml](./solutions/database/deploy-mysql-based-on-ebs.yml) | 基于EBS ESSD部署高性能的MySQL服务。 | -| [devops/container-application-devops-for-ack-cluster.yml](./solutions/devops/container-application-devops-for-ack-cluster.yml) | DevOps的目的是构建一种文化和环境,使构建,测试,发布软件更加快捷,频繁和可靠。而到了容器时代,需要部署的机器不但量更大,变化更剧烈,有的甚至需要根据条件自动升缩,为了满足企业敏捷的需求,持续部署也成了必须,本方案使用云效完成容器应用(小程序后端服务)的自动化构建和持续部署。 | +| 模板 | 说明 | +|----------------------------------------------------------------------------------------------------------------------------------------------------------------------| ---- | +| [backup-recovery/application-business-migration.yml](./solutions/backup-recovery/application-business-migration.yml) | 同地域跨可用区容灾的解决方案2.0,介绍单可用区到跨可用区的迁移及切换演练,以模拟wordpress应用服务为例,帮助客户更清晰地了解方案架构;切换演练需要手动到对应产品的控制台操作,此模版配合单可用区应用搭建完成应用业务迁移。 | +| [backup-recovery/cross-the-available-zone-disaster.yml](./solutions/backup-recovery/cross-the-available-zone-disaster.yml) | 本文介绍同城跨区域容灾演练的基本操作步骤,以云市场镜像Magento电子商务系统镜像搭建电商网站环境。 | +| [backup-recovery/cross-the-available-zone-epidemic-control.yml](./solutions/backup-recovery/cross-the-available-zone-epidemic-control.yml) | 本文介绍同城跨区域容灾演练的基本操作步骤,以快速搭建疫情护航应用基础服务为例。在建立云上稳定性保障的基础上实现了疫情护航项目部署方案。 | +| [backup-recovery/deploy-the-rds-environment.yml](./solutions/backup-recovery/deploy-the-rds-environment.yml) | 在以往的数据库异地备份方案中,往往采用本地备份压缩后上传异地的方式来做,不便于整个备份集的管理,对于历史备份数据,随着时间间隔的增大,被查询的可能性越来越低,一视同仁会浪费一定的存储资源。目标:追求经济的数据库的备份方案,低时间成本查询数据集需求。 | +| [backup-recovery/self-built-elastic-search-snapshot-saved-to-oss.yml](./solutions/backup-recovery/self-built-elastic-search-snapshot-saved-to-oss.yml) | 本文介绍如何通过快照的方式,将快照数据安全备份到阿里云OSS存储空间及如何将备份在OSS的快照仓库恢复到阿里云ElasticSearch实例。 | +| [backup-recovery/single-available-zone-building-application.yml](./solutions/backup-recovery/single-available-zone-building-application.yml) | 同地域跨可用区容灾的解决方案2.0,介绍单可用区到跨可用区的迁移及切换演练,以模拟wordpress应用服务为例,帮助客户更清晰地了解方案架构;切换演练需要手动到对应产品的控制台操作,此模版完成单可用区应用搭建。 | +| [backup-recovery/zero-loss-of-trading-system-data.yml](./solutions/backup-recovery/zero-loss-of-trading-system-data.yml) | 中小型公司交易系统数据零丢失最佳实践 - 云上环境部署。 | +| [bioscience/bcs-3rd-generation-gene-sequence-data-assembly.yml](./solutions/bioscience/bcs-3rd-generation-gene-sequence-data-assembly.yml) | 本文介绍如何基于批量计算服务提供的WDL-Canu解决方案,进行三代基因组组装的最佳实践。 | +| [cloud-market/deploy-high-availability-architecture-to-the-cloud.yml](./solutions/cloud-market/deploy-high-availability-architecture-to-the-cloud.yml) | 在两个可用区下创建多种资源并组合使用,达到高可用的通用产品上云部署的架构效果。 | +| [cloud-market/deploy-small-architecture-to-the-cloud.yml](./solutions/cloud-market/deploy-small-architecture-to-the-cloud.yml) | 在单个可用区下创建多种资源并组合使用,达到小型的通用产品上云部署的架构效果。 | +| [cloud-market/elastic-ha-architecture-to-the-cloud.yml](./solutions/cloud-market/elastic-ha-architecture-to-the-cloud.yml) | 利用弹性伸缩组和阿里自研云数据库POLARDB,在两个可用区下创建多种资源并组合使用,达到高可用并具备弹性的通用产品上云部署的架构效果。 | +| [compute-nest/compute-nest-on-premises-solution-sag.yml](./solutions/compute-nest/compute-nest-on-premises-solution-sag.yml) | 计算巢的云下服务上云能力实现,可以保证云服务商的云下服务能力上云,通过集成SAG、CCN、CEN、VPC、ECS等云产品,自动化实现云下网络同云上VPC互联,天然跟计算巢当前的虚拟互联网融合,通过终端节点的方式提供给跨VPC、跨用户访问云下服务的能力。 | +| [container-micro-service/spring-cloud-cloud-native-migration.yml](./solutions/container-micro-service/spring-cloud-cloud-native-migration.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,使用ECS和ACK托管版等资源搭建Spring Cloud的架构参考示例,方便用户在阿里云上部署和迁移Spring Cloud应用。 | +| [container-micro-service/spring-cloud-hostingack-service.yml](./solutions/container-micro-service/spring-cloud-hostingack-service.yml) | 无需改造即可迁移,应用间的调用都是原来的方式;平滑迁移,迁移成本小;kubernetes天然适合微服务框架;充分利用kubernetes的弹性,满足应用弹性扩容需求;容器化后,资源利用率获得极大提升。 | +| [data-analysis/existing-vpc-cluster-flink.yml](./solutions/data-analysis/existing-vpc-cluster-flink.yml) | 本文介绍了在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Flink),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Flink版本是1.10.2,访问UI界面需要安全组配置8081端口入规则。 | +| [data-analysis/existing-vpc-cluster-hdfs.yml](./solutions/data-analysis/existing-vpc-cluster-hdfs.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Hadoop HDFS),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,访问管理界面需要安全组配置50070端口入规则。 | +| [data-analysis/existing-vpc-cluster-hive.yml](./solutions/data-analysis/existing-vpc-cluster-hive.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Hive),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,Scala版本是2.12.1,Spark版本是2.1.0,Hive版本是2.3.7,访问Spark管理界面需要安全组配置8080端口入规则,访问Hive管理界面需要安全组配置10001端口入规则。 | +| [data-analysis/existing-vpc-cluster-map-reduce.yml](./solutions/data-analysis/existing-vpc-cluster-map-reduce.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Hadoop MapReduce),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,访问YARN管理界面需要安全组配置8088端口入规则,访问HDFS管理界面需要安全组配置50070端口入规则。 | +| [data-analysis/existing-vpc-cluster-spark.yml](./solutions/data-analysis/existing-vpc-cluster-spark.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Spark),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,Scala版本是2.12.1,Spark版本是2.1.0,访问管理界面需要安全组配置8080端口入规则。 | +| [data-analysis/existing-vpc-cluster-storm.yml](./solutions/data-analysis/existing-vpc-cluster-storm.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Storm),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Storm版本是2.2.0,Zookeeper版本3.6.2,访问UI界面需要安全组配置允许入方向8081端口。 | +| [data-analysis/existing-vpc-cluster-yarn.yml](./solutions/data-analysis/existing-vpc-cluster-yarn.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,创建多台ECS(Hadoop YARN),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理;Java jdk版本是1.8.0,Hadoop版本是2.7.7,访问YARN管理界面需要安全组配置8088端口入规则,访问HDFS管理界面需要安全组配置50070端口入规则。 | +| [data-analysis/low-cost-offline-big-data-analysis-emr.yml](./solutions/data-analysis/low-cost-offline-big-data-analysis-emr.yml) | 本方案利用ROS创建EMR以及日志服务LOG、对象存储OSS等产品资源,结合手动操作电商网站日志埋点采集存储投递并利用EMR进行日志消费分析,来展示构建弹性低成本的离线海量日志大数据分析的最佳实践。 | +| [data-analysis/low-cost-offline-big-data-analysis.yml](./solutions/data-analysis/low-cost-offline-big-data-analysis.yml) | 本模板可以帮助用户搭建以抢占式ECS实例及对象存储为基础的云上离线大数据分析系统平台,并提供完整的demo演示,可供客户以及一线业务架构师进行PoC测试验证。 | +| [data-analysis/sls-multi-cloud-log-processing-analysis.yml](./solutions/data-analysis/sls-multi-cloud-log-processing-analysis.yml) | 从第三方云平台或线下IDC服务器上采集日志写入到阿里云日志服务,通过日志服务进行数据分析,帮助提升运维、运营效率,建立 DT 时代海量日志处理能力。 | +| [data-migration/low-cost-link-to-business-data.yml](./solutions/data-migration/low-cost-link-to-business-data.yml) | 本实践适用于提供业务数据搬迁上云服务。业务数据量一般都比较大,迁移上云需要大量的网络带宽,BGP费用比较高。 阿里云对用户开放所需地域购买静态单线共享带宽包的权限(移动/联通/电信均可),可用为迁移数据有效降低成本。 | +| [data-migration/self-built-hive-data-warehouse-migrated-to-emr.yml](./solutions/data-migration/self-built-hive-data-warehouse-migrated-to-emr.yml) | 本方案利用ROS创建自建Hadoop集群的数据迁移到阿里云自建Hadoop或者EMR。 | +| [database/polardb-migration-from-rds.yml](./solutions/database/polardb-migration-from-rds.yml) | 解决RDS MySQL或自建MySQL遇到的性能或容量瓶颈,迁移上下PolarDB链路打通。 | +| [database/deploy-mysql-based-on-ebs.yml](./solutions/database/deploy-mysql-based-on-ebs.yml) | 基于EBS ESSD部署高性能的MySQL服务。 | +| [devops/container-application-devops-for-ack-cluster.yml](./solutions/devops/container-application-devops-for-ack-cluster.yml) | DevOps的目的是构建一种文化和环境,使构建,测试,发布软件更加快捷,频繁和可靠。而到了容器时代,需要部署的机器不但量更大,变化更剧烈,有的甚至需要根据条件自动升缩,为了满足企业敏捷的需求,持续部署也成了必须,本方案使用云效完成容器应用(小程序后端服务)的自动化构建和持续部署。 | | [devops/deploy-zabbix-service.yml](./solutions/devops/deploy-zabbix-service.yml) | Zabbix是一个基于WEB界面的提供分布式系统监视以及网络监视功能的企业级的开源解决方案,用于监测和跟踪各种IT基础设施组件的性能、可用性和健康状态。| -| [enterprise-on-cloud/create-ddh-and-deploy-cloud-server.yml](./solutions/enterprise-on-cloud/create-ddh-and-deploy-cloud-server.yml) | 介绍本地部署或托管在IDC环境的 VMware系统迁移上云至独立宿主机(DDH)的最佳实践。使用DDH在云端构建由独享物理服务器组成的资源池,同时配合ECS成熟稳定的虚拟化技术体系,充分利用云上资源弹性、按使用付费的优势,快速构建高性能、高可靠和可快速动态伸缩的虚拟化系统,满足安全、合规、自定义部署、自带许可证(BYOL)等企业级需求;此模板完成创建DDH并部署云服务器。 | -| [enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml](./solutions/enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml) | 此模板可创建出电商资源建站和数据库迁移方案所需资源,属于企业上云的最佳实践之一。 | -| [enterprise-on-cloud/games-or-retail-single-db-single-service.yml](./solutions/enterprise-on-cloud/games-or-retail-single-db-single-service.yml) | 在创业型公司或阿米巴模式经营的公司,新项目发布初期存在较大的不确定性,既要考虑项目未来的扩展性,又要衡量项目的运营成本。本解决方案为客户提供低成本,敏捷快捷的最佳实践。适用典型行业:游戏、零售等行业。 | -| [enterprise-on-cloud/image-storage-and-tool-env.yml](./solutions/enterprise-on-cloud/image-storage-and-tool-env.yml) | 介绍本地部署或托管在IDC环境的 VMware系统迁移上云至独立宿主机(DDH)的最佳实践。使用DDH在云端构建由独享物理服务器组成的资源池,同时配合ECS成熟稳定的虚拟化技术体系,充分利用云上资源弹性、按使用付费的优势,快速构建高性能、高可靠和可快速动态伸缩的虚拟化系统,满足安全、合规、自定义部署、自带许可证(BYOL)等企业级需求;此模板完成镜像存储及工具环境的搭建。 | +| [enterprise-on-cloud/create-ddh-and-deploy-cloud-server.yml](./solutions/enterprise-on-cloud/create-ddh-and-deploy-cloud-server.yml) | 介绍本地部署或托管在IDC环境的 VMware系统迁移上云至独立宿主机(DDH)的最佳实践。使用DDH在云端构建由独享物理服务器组成的资源池,同时配合ECS成熟稳定的虚拟化技术体系,充分利用云上资源弹性、按使用付费的优势,快速构建高性能、高可靠和可快速动态伸缩的虚拟化系统,满足安全、合规、自定义部署、自带许可证(BYOL)等企业级需求;此模板完成创建DDH并部署云服务器。 | +| [enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml](./solutions/enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml) | 此模板可创建出电商资源建站和数据库迁移方案所需资源,属于企业上云的最佳实践之一。 | +| [enterprise-on-cloud/games-or-retail-single-db-single-service.yml](./solutions/enterprise-on-cloud/games-or-retail-single-db-single-service.yml) | 在创业型公司或阿米巴模式经营的公司,新项目发布初期存在较大的不确定性,既要考虑项目未来的扩展性,又要衡量项目的运营成本。本解决方案为客户提供低成本,敏捷快捷的最佳实践。适用典型行业:游戏、零售等行业。 | +| [enterprise-on-cloud/image-storage-and-tool-env.yml](./solutions/enterprise-on-cloud/image-storage-and-tool-env.yml) | 介绍本地部署或托管在IDC环境的 VMware系统迁移上云至独立宿主机(DDH)的最佳实践。使用DDH在云端构建由独享物理服务器组成的资源池,同时配合ECS成熟稳定的虚拟化技术体系,充分利用云上资源弹性、按使用付费的优势,快速构建高性能、高可靠和可快速动态伸缩的虚拟化系统,满足安全、合规、自定义部署、自带许可证(BYOL)等企业级需求;此模板完成镜像存储及工具环境的搭建。 | | [enterprise-on-cloud/internet-industry-high-elastic-system-construction.yml](./solutions/enterprise-on-cloud/internet-industry-high-elastic-system-construction.yml) | 本方案通过ESS和POLARDB实现应用和数据库两个层面的弹性,通过REDIS和SLB实现跨可用区的自动容灾,构建出可用性高,弹性收缩用户感知小的互联网行业高可用系统。 | -| [enterprise-on-cloud/kingdee-windows-server-on-cloud.yml](./solutions/enterprise-on-cloud/kingdee-windows-server-on-cloud.yml) | 单节点实例在新建专有网络模式下部署金蝶云星空7.5企业版应用,使用者需要单独提供金蝶云星空许可、SQLServer许可。 | -| [enterprise-on-cloud/move-server-using-custom-mirror.yml](./solutions/enterprise-on-cloud/move-server-using-custom-mirror.yml) | 适用需要迁移服务器到阿里云ECS,支持迁移主流Windows和Linux操作系统。包括P2V(Physical to Virtual)代表从物理 IDC 环境迁移到ECS,和V2V(Virtual to Virtual)代表从虚拟机环境或者云平台主机迁移到ECS;此模板配合搭建带有迁云工具的服务器模板完成服务器搬迁。 | -| [enterprise-on-cloud/move-server-with-migration-tool.yml](./solutions/enterprise-on-cloud/move-server-with-migration-tool.yml) | 适用需要迁移服务器到阿里云ECS,支持迁移主流Windows和Linux操作系统。包括P2V(Physical to Virtual)代表从物理 IDC 环境迁移到ECS,和V2V(Virtual to Virtual)代表从虚拟机环境或者云平台主机迁移到ECS;此模板搭建带有迁云工具的服务器。 | -| [enterprise-on-cloud/single-website-on-cloud-cloud-architecture.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-cloud-architecture.yml) | 对于云上大量中小客户,上云后,由原来的单机服务进行基本的云化部署架构升级,解决弹性伸缩需求的场景。此模板配合单机服务器部署完成单机网站上云架构云化。 | -| [enterprise-on-cloud/single-website-on-cloud-stand-alone-server.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-stand-alone-server.yml) | 对于云上大量中小客户,上云后,由原来的单机服务进行基本的云化部署架构升级,解决弹性伸缩需求的场景。此模板完成单机服务器部署。 | -| [enterprise-on-cloud/single-website-on-cloud-stand-one-click.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-stand-one-click.yml) | 自动创建一个互联网云化架构的资源栈,包括VPC/私网SLB/EIP/2台ECS/RDS,ECS上部署免费WordPress镜像。部署完后,可以直接使用输出的EIP地址来访问WordPress网站。 | -| [enterprise-on-cloud/vmware-on-elastic-bare-metal-server.yml](./solutions/enterprise-on-cloud/vmware-on-elastic-bare-metal-server.yml) | 本文介绍将传统企业VMware迁移到阿里云弹性裸金属,利用云计算平台提供的弹性基础设施,实现线下业务平滑迁移上云。 | -| [high-performance-computing/ehpc-industrial-simulation.yml](./solutions/high-performance-computing/ehpc-industrial-simulation.yml) | 本实践适用于使用弹性高性能计算EHPC+对象存储OSS运行仿真软件进行模型仿真的场景中,这里运行的是LAMMPS这款开源的仿真软件,数据通过OSS上传。 | -| [internet-network/enterprise-app-hotel-network.yml](./solutions/internet-network/enterprise-app-hotel-network.yml) | 酒店上云是分阶段实施,线下和云上的混合云是长期状态,需要保证线下多地域多分支、云上多地域之间互相访问,且需要满足不同类型的企业节点的服务要求,比如总部IDC要求带宽大,对安全可靠性要求高等。 | -| [internet-network/global-deployment-network-build-global-network.yml](./solutions/internet-network/global-deployment-network-build-global-network.yml) | 在线教育的教师大部分和学员不在相同区域,设置不在同一个国家。例如场景的英语类在线教育,教师在北美,学员分布在国内各地区;此模板配合搭建单个地域的资源环境模板完成全球部署网络规划。 | -| [internet-network/global-deployment-network-deploy-single-env.yml](./solutions/internet-network/global-deployment-network-deploy-single-env.yml) | 在线教育的教师大部分和学员不在相同区域,设置不在同一个国家。例如场景的英语类在线教育,教师在北美,学员分布在国内各地区;此模板完成搭建单个地域的资源环境。 | -| [internet-network/landing-zone-cen-ack.yml](./solutions/internet-network/landing-zone-cen-ack.yml) | 进行跨账号同地域容器集群通过转发路由器组网,验证两个集群内Pod连通性。 | -| [internet-network/landing-zone-cen-privatelink.yml](./solutions/internet-network/landing-zone-cen-privatelink.yml) | 在账号1与在账号2之间通过创建终端节点服务并建立终端节点连接实现账号1与在账号2之间网络访问。 | -| [internet-network/landing-zone-cen-tr-peer.yml](./solutions/internet-network/landing-zone-cen-tr-peer.yml) | 在账号1内创建VPC1、VPC2,在账号2内创建VPC3、VPC4,其中VPC2和VPC4之间配置对等连接,从而降低跨VPC互联的流量费用,而其他VPC间借助转发路由器进行组网,能够降低网络管理的复杂度。 | -| [internet-network/landing-zone-cen-tr.yml](./solutions/internet-network/landing-zone-cen-tr.yml) | 在账号1及账号2内使用CEN及TR进行跨地域网络互通,账号2数据互通VPC加入两个账号CEN实现双网络互通。 | -| [internet-network/multi-avaiable-areas-building-services.yml](./solutions/internet-network/multi-avaiable-areas-building-services.yml) | 适用于有本地IDC,需要搭建具有高稳定性业务架构的多地域多可用区混合云的用户。物理专线是打通IDC到云上内网通道的最高效稳定的方式。此模板完成多可用区单地域搭建服务。 | -| [internet-network/multi-region-multi-area-network-interworking.yml](./solutions/internet-network/multi-region-multi-area-network-interworking.yml) | 适用于有本地IDC,需要搭建具有高稳定性业务架构的多地域多可用区混合云的用户。物理专线是打通IDC到云上内网通道的最高效稳定的方式。此模板可配合多可用区单地域搭建服务完成组建多可用区多地域的混合云。 | -| [machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml](./solutions/machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml) | 本文介绍了混合云场景中,自建Kubernetes服务,线下集群+云上弹性扩展阿里云GPU服务实例+飞天AI加速工具,并采用阿里云CPFS存储,运行AI训练+AI推理作业的操作步骤。 | -| [media-service/fpga-cloud-servers.yml](./solutions/media-service/fpga-cloud-servers.yml) | 解决提供高画质低码率的实施转码技术方案、提高图片和视频转码效率及降低传输带宽、转码和存储成本。 | -| [middleware/existing-vpc-cluster-kafka.yml](./solutions/middleware/existing-vpc-cluster-kafka.yml) | 在现有的VPC、VSwitch和安全组下,创建多台ECS(Kafka Middleware),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理,其中Java jdk版本采用1.8.0,Scala版本采用2.12,Kafka版本采用0.10.2.2;应用数据存放至挂载的数据盘(数据盘挂载目录:/home/software,Kafka bin目录:/home/software/kafka/bin);如需访问Kafka Manager管理界面,在已有的安全组下添加访问规则入方向TCP 9000端口。 | -| [middleware/existing-vpc-cluster-rabbitmq.yml](./solutions/middleware/existing-vpc-cluster-rabbitmq.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,利用ECS主机组部署RabbitMQ(3.8.4)镜像集群,并使用SLB令集群达到负载均衡高可用的模式,在使用ESS弹性伸缩集群时会创建EssRamRole自动授权OOS执行任务将Slave加入/移除集群,RabbitMQ是一个开源AMQP实现的消息中间件服务,支持多种客户端连接,具备健壮、稳定、易用、跨平台、支持多种语言的特性,如需访问RabbitMQ管理界面,在已有的安全组下添加访问规则入方向TCP 15672端口;如客户端需使用RabbitMQ中间件时,在已有的安全组下添加访问规则入方向TCP 5672端口。 | -| [middleware/existing-vpc-cluster-zookeeper.yml](./solutions/middleware/existing-vpc-cluster-zookeeper.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,利用ECS主机组部署Zookeeper(3.6.2)集群,使用ESS弹性伸缩集群会创建EssRamRole自动授权OOS执行任务将弹性组节点加入/移除集群, Zookeeper是一个分布式应用的协调服务,用于对分布式系统进行节点管理、leader选举、配置管理等。 | -| [middleware/spring-cloud-netflix-migrate-edas.yml](./solutions/middleware/spring-cloud-netflix-migrate-edas.yml) | 无需改造即可迁移,应用间的调用都是原来的方式;平滑迁移,迁移成本小;kubernetes天然适合微服务框架;充分利用kubernetes的弹性,满足应用弹性扩容需求;容器化后,资源利用率获得极大提升。 | -| [mini-program/fc-mini-program-backend-service.yml](./solutions/mini-program/fc-mini-program-backend-service.yml) | 使用Severless无服务器架构搭建移动App、小程序和Web应用的后端服务,静态资源(如图片)存在OSS上通过CDN加速访问,动态数据通过API网关加函数计算访问RDS数据库,无需管理服务器和运行环境,弹性伸缩使用云资源。 | [教程](https://help.aliyun.com/document_detail/2346161.html) | -| [security-rule/business-security-for-e-commerce-sites.yml](./solutions/security-rule/business-security-for-e-commerce-sites.yml) | 本实践为云上客户提供完整的电商网站运营期间的防护方案,包括用户注册、业务运营活动等场景。保障业务运维活动系统稳定运行、防止“薅羊毛”、运营优惠给到真实的客户。 | -| [security-rule/ram-account-rights-management.yml](./solutions/security-rule/ram-account-rights-management.yml) | 单账号体系下用户管理、资源分组、权限配置、访问控制的治理方法及原则。以某电商网站项目为例,根据研发、测试、生产环境划分及业务流程,使用阿里云RAM访问控制服务规划实现资源分组、账号用户体系、权限分配、安全加固、定期安全检查等措施的最佳实践。 | -| [serviceless-compute/fc-web-file-backend-service.yml](./solutions/serviceless-compute/fc-web-file-backend-service.yml) | 使用Severless无服务器架构搭建Web网站文件处理服务,用户通过API、SDK或阿里云控制台上传或更新文件到指定OSS存储空间后,可自动实现文件压缩、文件解压、获取文件md5、获取文件元信息等功能。 | -| [studio-entertainment/game-business-zone-service-env.yml](./solutions/studio-entertainment/game-business-zone-service-env.yml) | 为了提升玩家游戏体验,并提高留存率、增强付费率,除了游戏本身的内容趣味性,改善用户访问加速体验,并对游戏数据分区合服是很常见的业务运营模式。 | -| [studio-entertainment/light-weight-gpu-deployed-cloud-games.yml](./solutions/studio-entertainment/light-weight-gpu-deployed-cloud-games.yml) | 随着AI深度学习,视频处理,科学计算以及图形可视化等应用场景的普及,GPU的市场需求越来越大。但单颗物理GPU起步至超大规模弹性计算带来的计算能力过剩成本上升问题也越来越明显。轻量级GPU的诞生打破了传统直通模式的局限,可以提供比单颗物理GPU更细粒度的服务,从而让客户以更低成本、更高弹性开展业务。 | +| [enterprise-on-cloud/kingdee-windows-server-on-cloud.yml](./solutions/enterprise-on-cloud/kingdee-windows-server-on-cloud.yml) | 单节点实例在新建专有网络模式下部署金蝶云星空7.5企业版应用,使用者需要单独提供金蝶云星空许可、SQLServer许可。 | +| [enterprise-on-cloud/move-server-using-custom-mirror.yml](./solutions/enterprise-on-cloud/move-server-using-custom-mirror.yml) | 适用需要迁移服务器到阿里云ECS,支持迁移主流Windows和Linux操作系统。包括P2V(Physical to Virtual)代表从物理 IDC 环境迁移到ECS,和V2V(Virtual to Virtual)代表从虚拟机环境或者云平台主机迁移到ECS;此模板配合搭建带有迁云工具的服务器模板完成服务器搬迁。 | +| [enterprise-on-cloud/move-server-with-migration-tool.yml](./solutions/enterprise-on-cloud/move-server-with-migration-tool.yml) | 适用需要迁移服务器到阿里云ECS,支持迁移主流Windows和Linux操作系统。包括P2V(Physical to Virtual)代表从物理 IDC 环境迁移到ECS,和V2V(Virtual to Virtual)代表从虚拟机环境或者云平台主机迁移到ECS;此模板搭建带有迁云工具的服务器。 | +| [enterprise-on-cloud/single-website-on-cloud-cloud-architecture.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-cloud-architecture.yml) | 对于云上大量中小客户,上云后,由原来的单机服务进行基本的云化部署架构升级,解决弹性伸缩需求的场景。此模板配合单机服务器部署完成单机网站上云架构云化。 | +| [enterprise-on-cloud/single-website-on-cloud-stand-alone-server.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-stand-alone-server.yml) | 对于云上大量中小客户,上云后,由原来的单机服务进行基本的云化部署架构升级,解决弹性伸缩需求的场景。此模板完成单机服务器部署。 | +| [enterprise-on-cloud/single-website-on-cloud-stand-one-click.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-stand-one-click.yml) | 自动创建一个互联网云化架构的资源栈,包括VPC/私网SLB/EIP/2台ECS/RDS,ECS上部署免费WordPress镜像。部署完后,可以直接使用输出的EIP地址来访问WordPress网站。 | +| [enterprise-on-cloud/vmware-on-elastic-bare-metal-server.yml](./solutions/enterprise-on-cloud/vmware-on-elastic-bare-metal-server.yml) | 本文介绍将传统企业VMware迁移到阿里云弹性裸金属,利用云计算平台提供的弹性基础设施,实现线下业务平滑迁移上云。 | +| [high-performance-computing/ehpc-industrial-simulation.yml](./solutions/high-performance-computing/ehpc-industrial-simulation.yml) | 本实践适用于使用弹性高性能计算EHPC+对象存储OSS运行仿真软件进行模型仿真的场景中,这里运行的是LAMMPS这款开源的仿真软件,数据通过OSS上传。 | +| [internet-network/enterprise-app-hotel-network.yml](./solutions/internet-network/enterprise-app-hotel-network.yml) | 酒店上云是分阶段实施,线下和云上的混合云是长期状态,需要保证线下多地域多分支、云上多地域之间互相访问,且需要满足不同类型的企业节点的服务要求,比如总部IDC要求带宽大,对安全可靠性要求高等。 | +| [internet-network/global-deployment-network-build-global-network.yml](./solutions/internet-network/global-deployment-network-build-global-network.yml) | 在线教育的教师大部分和学员不在相同区域,设置不在同一个国家。例如场景的英语类在线教育,教师在北美,学员分布在国内各地区;此模板配合搭建单个地域的资源环境模板完成全球部署网络规划。 | +| [internet-network/global-deployment-network-deploy-single-env.yml](./solutions/internet-network/global-deployment-network-deploy-single-env.yml) | 在线教育的教师大部分和学员不在相同区域,设置不在同一个国家。例如场景的英语类在线教育,教师在北美,学员分布在国内各地区;此模板完成搭建单个地域的资源环境。 | +| [internet-network/landing-zone-cen-ack.yml](./solutions/internet-network/landing-zone-cen-ack.yml) | 进行跨账号同地域容器集群通过转发路由器组网,验证两个集群内Pod连通性。 | +| [internet-network/landing-zone-cen-privatelink.yml](./solutions/internet-network/landing-zone-cen-privatelink.yml) | 在账号1与在账号2之间通过创建终端节点服务并建立终端节点连接实现账号1与在账号2之间网络访问。 | +| [internet-network/landing-zone-cen-tr-peer.yml](./solutions/internet-network/landing-zone-cen-tr-peer.yml) | 在账号1内创建VPC1、VPC2,在账号2内创建VPC3、VPC4,其中VPC2和VPC4之间配置对等连接,从而降低跨VPC互联的流量费用,而其他VPC间借助转发路由器进行组网,能够降低网络管理的复杂度。 | +| [internet-network/landing-zone-cen-tr.yml](./solutions/internet-network/landing-zone-cen-tr.yml) | 在账号1及账号2内使用CEN及TR进行跨地域网络互通,账号2数据互通VPC加入两个账号CEN实现双网络互通。 | +| [internet-network/multi-avaiable-areas-building-services.yml](./solutions/internet-network/multi-avaiable-areas-building-services.yml) | 适用于有本地IDC,需要搭建具有高稳定性业务架构的多地域多可用区混合云的用户。物理专线是打通IDC到云上内网通道的最高效稳定的方式。此模板完成多可用区单地域搭建服务。 | +| [internet-network/multi-region-multi-area-network-interworking.yml](./solutions/internet-network/multi-region-multi-area-network-interworking.yml) | 适用于有本地IDC,需要搭建具有高稳定性业务架构的多地域多可用区混合云的用户。物理专线是打通IDC到云上内网通道的最高效稳定的方式。此模板可配合多可用区单地域搭建服务完成组建多可用区多地域的混合云。 | +| [iot-cloud/iot-platform-device-data-on-the-cloud.yaml](./solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml) | 本文以温湿度传感器设备为例,介绍了如何将该设备接入物联网平台,将设备所上报的数据转发至函数计算FC,并最终推送数据到钉钉群中。| +| [machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml](./solutions/machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml) | 本文介绍了混合云场景中,自建Kubernetes服务,线下集群+云上弹性扩展阿里云GPU服务实例+飞天AI加速工具,并采用阿里云CPFS存储,运行AI训练+AI推理作业的操作步骤。 | +| [media-service/fpga-cloud-servers.yml](./solutions/media-service/fpga-cloud-servers.yml) | 解决提供高画质低码率的实施转码技术方案、提高图片和视频转码效率及降低传输带宽、转码和存储成本。 | +| [middleware/existing-vpc-cluster-kafka.yml](./solutions/middleware/existing-vpc-cluster-kafka.yml) | 在现有的VPC、VSwitch和安全组下,创建多台ECS(Kafka Middleware),其中一台绑定弹性IP作为管理节点,其他节点使用弹性伸缩进行管理,其中Java jdk版本采用1.8.0,Scala版本采用2.12,Kafka版本采用0.10.2.2;应用数据存放至挂载的数据盘(数据盘挂载目录:/home/software,Kafka bin目录:/home/software/kafka/bin);如需访问Kafka Manager管理界面,在已有的安全组下添加访问规则入方向TCP 9000端口。 | +| [middleware/existing-vpc-cluster-rabbitmq.yml](./solutions/middleware/existing-vpc-cluster-rabbitmq.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,利用ECS主机组部署RabbitMQ(3.8.4)镜像集群,并使用SLB令集群达到负载均衡高可用的模式,在使用ESS弹性伸缩集群时会创建EssRamRole自动授权OOS执行任务将Slave加入/移除集群,RabbitMQ是一个开源AMQP实现的消息中间件服务,支持多种客户端连接,具备健壮、稳定、易用、跨平台、支持多种语言的特性,如需访问RabbitMQ管理界面,在已有的安全组下添加访问规则入方向TCP 15672端口;如客户端需使用RabbitMQ中间件时,在已有的安全组下添加访问规则入方向TCP 5672端口。 | +| [middleware/existing-vpc-cluster-zookeeper.yml](./solutions/middleware/existing-vpc-cluster-zookeeper.yml) | 在已有虚拟专有网络、交换机和安全组基础资源上,利用ECS主机组部署Zookeeper(3.6.2)集群,使用ESS弹性伸缩集群会创建EssRamRole自动授权OOS执行任务将弹性组节点加入/移除集群, Zookeeper是一个分布式应用的协调服务,用于对分布式系统进行节点管理、leader选举、配置管理等。 | +| [middleware/spring-cloud-netflix-migrate-edas.yml](./solutions/middleware/spring-cloud-netflix-migrate-edas.yml) | 无需改造即可迁移,应用间的调用都是原来的方式;平滑迁移,迁移成本小;kubernetes天然适合微服务框架;充分利用kubernetes的弹性,满足应用弹性扩容需求;容器化后,资源利用率获得极大提升。 | +| [mini-program/fc-mini-program-backend-service.yml](./solutions/mini-program/fc-mini-program-backend-service.yml) | 使用Severless无服务器架构搭建移动App、小程序和Web应用的后端服务,静态资源(如图片)存在OSS上通过CDN加速访问,动态数据通过API网关加函数计算访问RDS数据库,无需管理服务器和运行环境,弹性伸缩使用云资源。 | [教程](https://help.aliyun.com/document_detail/2346161.html) | +| [security-rule/business-security-for-e-commerce-sites.yml](./solutions/security-rule/business-security-for-e-commerce-sites.yml) | 本实践为云上客户提供完整的电商网站运营期间的防护方案,包括用户注册、业务运营活动等场景。保障业务运维活动系统稳定运行、防止“薅羊毛”、运营优惠给到真实的客户。 | +| [security-rule/ram-account-rights-management.yml](./solutions/security-rule/ram-account-rights-management.yml) | 单账号体系下用户管理、资源分组、权限配置、访问控制的治理方法及原则。以某电商网站项目为例,根据研发、测试、生产环境划分及业务流程,使用阿里云RAM访问控制服务规划实现资源分组、账号用户体系、权限分配、安全加固、定期安全检查等措施的最佳实践。 | +| [serviceless-compute/fc-web-file-backend-service.yml](./solutions/serviceless-compute/fc-web-file-backend-service.yml) | 使用Severless无服务器架构搭建Web网站文件处理服务,用户通过API、SDK或阿里云控制台上传或更新文件到指定OSS存储空间后,可自动实现文件压缩、文件解压、获取文件md5、获取文件元信息等功能。 | +| [studio-entertainment/game-business-zone-service-env.yml](./solutions/studio-entertainment/game-business-zone-service-env.yml) | 为了提升玩家游戏体验,并提高留存率、增强付费率,除了游戏本身的内容趣味性,改善用户访问加速体验,并对游戏数据分区合服是很常见的业务运营模式。 | +| [studio-entertainment/light-weight-gpu-deployed-cloud-games.yml](./solutions/studio-entertainment/light-weight-gpu-deployed-cloud-games.yml) | 随着AI深度学习,视频处理,科学计算以及图形可视化等应用场景的普及,GPU的市场需求越来越大。但单颗物理GPU起步至超大规模弹性计算带来的计算能力过剩成本上升问题也越来越明显。轻量级GPU的诞生打破了传统直通模式的局限,可以提供比单颗物理GPU更细粒度的服务,从而让客户以更低成本、更高弹性开展业务。 |
diff --git a/README.md b/README.md index f5a145cf..942b6681 100644 --- a/README.md +++ b/README.md @@ -295,72 +295,73 @@ Examples and best practices of ROS templates. The templates are categorized as f
solutions -| Template | Description | -| ---- | ---- | -| [backup-recovery/application-business-migration.yml](./solutions/backup-recovery/application-business-migration.yml) | This template shows the migration and switchover of a service from a single zone to multiple zones. The template uses a simulated WordPress application service to provide you with a clear view of the solution architecture. You must manually perform the disaster recovery drill in the service console. This template can be used with the single-zone application building template to complete application business migration. | -| [backup-recovery/cross-the-available-zone-disaster.yml](./solutions/backup-recovery/cross-the-available-zone-disaster.yml) | This template shows the basic procedure of a disaster recovery drill across zones in a region. This template uses an existing e-commerce website image to build an e-commerce website. | -| [backup-recovery/cross-the-available-zone-epidemic-control.yml](./solutions/backup-recovery/cross-the-available-zone-epidemic-control.yml) | This template is used to deploy a cross-zone disaster recovery solution within a region. This practice uses the deployment of applications that are designed to fight COVID-19 as an example. In this practice, this template is used to deploy a set of applications in the cloud and ensure the proper running of these applications which are designed to help in COVID-19 treatment and prevention. | -| [backup-recovery/deploy-the-rds-environment.yml](./solutions/backup-recovery/deploy-the-rds-environment.yml) | In traditional remote database backup solutions, local backups are often compressed and then uploaded to remote locations, which complicates the management of the entire backup set. Processing historical backup data in this way is a waste of storage resources, because this data is less likely to be queried over time. A cost-efficient database backup solution is required for dataset query. | -| [backup-recovery/self-built-elastic-search-snapshot-saved-to-oss.yml](./solutions/backup-recovery/self-built-elastic-search-snapshot-saved-to-oss.yml) | This template is used to back up data from snapshots of a self-managed Elasticsearch cluster to OSS and restore the data from the snapshots in the repositories stored in OSS buckets to an Alibaba Cloud Elasticsearch cluster. | -| [backup-recovery/single-available-zone-building-application.yml](./solutions/backup-recovery/single-available-zone-building-application.yml) | The cross-zone disaster recover solution 2.0 demonstrates data migration and system switchover from a single zone to multiple zones. This template uses WordPress as an example to help you understand the architecture of this solution. You must log on to the management console of the required services to manually switch over your system. This template is used to build an application in a single zone. | -| [backup-recovery/zero-loss-of-trading-system-data.yml](./solutions/backup-recovery/zero-loss-of-trading-system-data.yml) | Best Practices for Zero Loss of Data in Small and Medium-sized Company Trading Systems - Environment Deployment on the Cloud. | -| [bioscience/bcs-3rd-generation-gene-sequence-data-assembly.yml](./solutions/bioscience/bcs-3rd-generation-gene-sequence-data-assembly.yml) | This template is used to deploy the WDL-Canu solution provided by Batch Compute for third-generation genome sequencing data assembly. | -| [cloud-market/deploy-high-availability-architecture-to-the-cloud.yml](./solutions/cloud-market/deploy-high-availability-architecture-to-the-cloud.yml) | This template creates and manages multiple resources in two zones to provide services. This effectively deploys a high-availability common services stack to the cloud. | -| [cloud-market/deploy-small-architecture-to-the-cloud.yml](./solutions/cloud-market/deploy-small-architecture-to-the-cloud.yml) | This template creates multiple resources in a single zone, and manages the resources to provide services. This effectively deploys a small-scale common services stack to the cloud. | -| [cloud-market/elastic-ha-architecture-to-the-cloud.yml](./solutions/cloud-market/elastic-ha-architecture-to-the-cloud.yml) | This template uses Auto Scaling and ApsaraDB for POLARDB to create multiple resources in two zones and manage the resources to provide services. This effectively deploys a high-availability, elastic common services stack to the cloud. | -| [compute-nest/compute-nest-on-premises-solution-sag.yml](./solutions/compute-nest/compute-nest-on-premises-solution-sag.yml) | This template is used to connect on-premises services and Alibaba Cloud. Compute Nest provides cloud service providers (CSPs) with the capability to connect on-premises services associated with Compute Nest and Alibaba Cloud. Compute Nest is integrated with Alibaba Cloud services, such as Smart Access Gateway, CCN, CEN, VPC, and ECS, to automatically connect on-premises networks to VPCs. This way, Compute Nest can smoothly connect on-premises services to its virtual networks and access on-premises services across VPCs and accounts by using endpoints. | -| [container-micro-service/spring-cloud-cloud-native-migration.yml](./solutions/container-micro-service/spring-cloud-cloud-native-migration.yml) | This template uses resources such as ECS instances and ACK managed clusters to build the Spring Cloud architecture based on an existing VPC, vSwitch, and security group. This allows you to migrate Spring Cloud architecture and applications to Alibaba Cloud in a convenient manner. | -| [container-micro-service/spring-cloud-hostingack-service.yml](./solutions/container-micro-service/spring-cloud-hostingack-service.yml) | This template seamlessly migrates Spring Cloud applications to Container Service for Kubernetes at low costs, without changes to the calling method between applications. Kubernetes is a natural fit for microservices. This template takes full advantage of the elasticity of Kubernetes to meet application scale-out requirements. After Spring Cloud applications are containerized, resource utilization is greatly improved. | -| [data-analysis/existing-vpc-cluster-flink.yml](./solutions/data-analysis/existing-vpc-cluster-flink.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0 and Flink version 1.10.2 are used. To log on to the Flink console, you must configure the inbound rule over port 8081. | -| [data-analysis/existing-vpc-cluster-hdfs.yml](./solutions/data-analysis/existing-vpc-cluster-hdfs.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0 and Hadoop version 2.7.7 are used. To log on to the HDFS console, you must configure the inbound rule to allow traffic over port 50070. | -| [data-analysis/existing-vpc-cluster-hive.yml](./solutions/data-analysis/existing-vpc-cluster-hive.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0, Hadoop version 2.7.7, Scala version 2.12.1, Spark version 2.1.0, and Hive version 2.3.7 are used. To log on to the Spark console, you must configure the inbound rule that allows traffic over port 8080. To log on to the Hive console, you must configure the inbound rule that allows traffic over port 10001. | -| [data-analysis/existing-vpc-cluster-map-reduce.yml](./solutions/data-analysis/existing-vpc-cluster-map-reduce.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy Hadoop MapReduce. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0 and Hadoop version 2.7.7 are used. To log on to the Yarn console, you must configure the inbound rule that allows access over port 8088. To log on to the HDFS console, you must configure the inbound rule that allows access over port 50070. | -| [data-analysis/existing-vpc-cluster-spark.yml](./solutions/data-analysis/existing-vpc-cluster-spark.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a Spark cluster. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0, Hadoop version 2.7.7, Scala version 2.12.1, and Spark version 2.1.0 are used. To log on to the Spark console, you must configure the inbound rule that allows traffic over port 8080. | -| [data-analysis/existing-vpc-cluster-storm.yml](./solutions/data-analysis/existing-vpc-cluster-storm.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a Storm cluster. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0, Storm version 2.2.0, and ZooKeeper version 3.6.2 are used. To log on to the Storm console, you must configure the inbound rule that allows traffic over port 8081. | -| [data-analysis/existing-vpc-cluster-yarn.yml](./solutions/data-analysis/existing-vpc-cluster-yarn.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a Hadoop Yarn cluster. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0 and Hadoop version 2.7.7 are used. To log on to the Yarn console, you must configure the inbound rule that allows traffic over port 8088. To log on to the HDFS console, you must configure the inbound rule that allows traffic over port 50070. | -| [data-analysis/low-cost-offline-big-data-analysis-emr.yml](./solutions/data-analysis/low-cost-offline-big-data-analysis-emr.yml) | This template uses ROS to create cloud resources including EMR, Log Service, and OSS. After you track, collect, store, and ship e-commerce website logs, you can use EMR to analyze the logs and predict user consumption behavior. EMR can help you analyze mass offline big data at low costs. | -| [data-analysis/low-cost-offline-big-data-analysis.yml](./solutions/data-analysis/low-cost-offline-big-data-analysis.yml) | This template is used to build an offline big data analysis system in the cloud based on preemptible ECS instances and OSS buckets. Customers and frontline architects can use this system for PoC tests. | -| [data-analysis/sls-multi-cloud-log-processing-analysis.yml](./solutions/data-analysis/sls-multi-cloud-log-processing-analysis.yml) | This template is used to write data from third-party platforms or self-managed data centers to Log Service for data analysis. This simplifies O&M, facilitates operations, and improves the capability to process large amounts of logs. | -| [data-migration/low-cost-link-to-business-data.yml](./solutions/data-migration/low-cost-link-to-business-data.yml) | This template is used to migrate business data to the cloud. When you migrate a large amount of business data to the cloud, a large network bandwidth is required. This causes the BGP costs to increase. Alibaba Cloud provides static BGP EIP bandwidth plan for users such as China Unicom, China Mobile, and China Telecom. This helps reduce the costs to migrate data to the cloud. | -| [data-migration/self-built-hive-data-warehouse-migrated-to-emr.yml](./solutions/data-migration/self-built-hive-data-warehouse-migrated-to-emr.yml) | This solution uses ROS to create an on-premises Hadoop cluster and migrate the cluster data to an Alibaba Cloud E-MapReduce cluster. | -| [database/polardb-migration-from-rds.yml](./solutions/database/polardb-migration-from-rds.yml) | This template is used to migrate data from an ApsaraDB RDS for MySQL database or a self-managed MySQL database to a PolarDB for MySQL cluster. | -| [devops/container-application-devops-for-ack-cluster.yml](./solutions/devops/container-application-devops-for-ack-cluster.yml) | This template uses DevOps to automate the building of container applications or mini programs and facilitate continuous delivery. DevOps is a combination of best practices and tools that help enterprises deliver applications and services at high velocity. In the era of containers, the number of deployed applications grows larger. These applications also change faster, with some applications having requirements on autoscaling. To meet the requirements on agile deployment, continuous delivery is critical. | +| Template | Description | +|----------------------------------------------------------------------------------------------------------------------------------------------------------------------| ---- | +| [backup-recovery/application-business-migration.yml](./solutions/backup-recovery/application-business-migration.yml) | This template shows the migration and switchover of a service from a single zone to multiple zones. The template uses a simulated WordPress application service to provide you with a clear view of the solution architecture. You must manually perform the disaster recovery drill in the service console. This template can be used with the single-zone application building template to complete application business migration. | +| [backup-recovery/cross-the-available-zone-disaster.yml](./solutions/backup-recovery/cross-the-available-zone-disaster.yml) | This template shows the basic procedure of a disaster recovery drill across zones in a region. This template uses an existing e-commerce website image to build an e-commerce website. | +| [backup-recovery/cross-the-available-zone-epidemic-control.yml](./solutions/backup-recovery/cross-the-available-zone-epidemic-control.yml) | This template is used to deploy a cross-zone disaster recovery solution within a region. This practice uses the deployment of applications that are designed to fight COVID-19 as an example. In this practice, this template is used to deploy a set of applications in the cloud and ensure the proper running of these applications which are designed to help in COVID-19 treatment and prevention. | +| [backup-recovery/deploy-the-rds-environment.yml](./solutions/backup-recovery/deploy-the-rds-environment.yml) | In traditional remote database backup solutions, local backups are often compressed and then uploaded to remote locations, which complicates the management of the entire backup set. Processing historical backup data in this way is a waste of storage resources, because this data is less likely to be queried over time. A cost-efficient database backup solution is required for dataset query. | +| [backup-recovery/self-built-elastic-search-snapshot-saved-to-oss.yml](./solutions/backup-recovery/self-built-elastic-search-snapshot-saved-to-oss.yml) | This template is used to back up data from snapshots of a self-managed Elasticsearch cluster to OSS and restore the data from the snapshots in the repositories stored in OSS buckets to an Alibaba Cloud Elasticsearch cluster. | +| [backup-recovery/single-available-zone-building-application.yml](./solutions/backup-recovery/single-available-zone-building-application.yml) | The cross-zone disaster recover solution 2.0 demonstrates data migration and system switchover from a single zone to multiple zones. This template uses WordPress as an example to help you understand the architecture of this solution. You must log on to the management console of the required services to manually switch over your system. This template is used to build an application in a single zone. | +| [backup-recovery/zero-loss-of-trading-system-data.yml](./solutions/backup-recovery/zero-loss-of-trading-system-data.yml) | Best Practices for Zero Loss of Data in Small and Medium-sized Company Trading Systems - Environment Deployment on the Cloud. | +| [bioscience/bcs-3rd-generation-gene-sequence-data-assembly.yml](./solutions/bioscience/bcs-3rd-generation-gene-sequence-data-assembly.yml) | This template is used to deploy the WDL-Canu solution provided by Batch Compute for third-generation genome sequencing data assembly. | +| [cloud-market/deploy-high-availability-architecture-to-the-cloud.yml](./solutions/cloud-market/deploy-high-availability-architecture-to-the-cloud.yml) | This template creates and manages multiple resources in two zones to provide services. This effectively deploys a high-availability common services stack to the cloud. | +| [cloud-market/deploy-small-architecture-to-the-cloud.yml](./solutions/cloud-market/deploy-small-architecture-to-the-cloud.yml) | This template creates multiple resources in a single zone, and manages the resources to provide services. This effectively deploys a small-scale common services stack to the cloud. | +| [cloud-market/elastic-ha-architecture-to-the-cloud.yml](./solutions/cloud-market/elastic-ha-architecture-to-the-cloud.yml) | This template uses Auto Scaling and ApsaraDB for POLARDB to create multiple resources in two zones and manage the resources to provide services. This effectively deploys a high-availability, elastic common services stack to the cloud. | +| [compute-nest/compute-nest-on-premises-solution-sag.yml](./solutions/compute-nest/compute-nest-on-premises-solution-sag.yml) | This template is used to connect on-premises services and Alibaba Cloud. Compute Nest provides cloud service providers (CSPs) with the capability to connect on-premises services associated with Compute Nest and Alibaba Cloud. Compute Nest is integrated with Alibaba Cloud services, such as Smart Access Gateway, CCN, CEN, VPC, and ECS, to automatically connect on-premises networks to VPCs. This way, Compute Nest can smoothly connect on-premises services to its virtual networks and access on-premises services across VPCs and accounts by using endpoints. | +| [container-micro-service/spring-cloud-cloud-native-migration.yml](./solutions/container-micro-service/spring-cloud-cloud-native-migration.yml) | This template uses resources such as ECS instances and ACK managed clusters to build the Spring Cloud architecture based on an existing VPC, vSwitch, and security group. This allows you to migrate Spring Cloud architecture and applications to Alibaba Cloud in a convenient manner. | +| [container-micro-service/spring-cloud-hostingack-service.yml](./solutions/container-micro-service/spring-cloud-hostingack-service.yml) | This template seamlessly migrates Spring Cloud applications to Container Service for Kubernetes at low costs, without changes to the calling method between applications. Kubernetes is a natural fit for microservices. This template takes full advantage of the elasticity of Kubernetes to meet application scale-out requirements. After Spring Cloud applications are containerized, resource utilization is greatly improved. | +| [data-analysis/existing-vpc-cluster-flink.yml](./solutions/data-analysis/existing-vpc-cluster-flink.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0 and Flink version 1.10.2 are used. To log on to the Flink console, you must configure the inbound rule over port 8081. | +| [data-analysis/existing-vpc-cluster-hdfs.yml](./solutions/data-analysis/existing-vpc-cluster-hdfs.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0 and Hadoop version 2.7.7 are used. To log on to the HDFS console, you must configure the inbound rule to allow traffic over port 50070. | +| [data-analysis/existing-vpc-cluster-hive.yml](./solutions/data-analysis/existing-vpc-cluster-hive.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0, Hadoop version 2.7.7, Scala version 2.12.1, Spark version 2.1.0, and Hive version 2.3.7 are used. To log on to the Spark console, you must configure the inbound rule that allows traffic over port 8080. To log on to the Hive console, you must configure the inbound rule that allows traffic over port 10001. | +| [data-analysis/existing-vpc-cluster-map-reduce.yml](./solutions/data-analysis/existing-vpc-cluster-map-reduce.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy Hadoop MapReduce. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0 and Hadoop version 2.7.7 are used. To log on to the Yarn console, you must configure the inbound rule that allows access over port 8088. To log on to the HDFS console, you must configure the inbound rule that allows access over port 50070. | +| [data-analysis/existing-vpc-cluster-spark.yml](./solutions/data-analysis/existing-vpc-cluster-spark.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a Spark cluster. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0, Hadoop version 2.7.7, Scala version 2.12.1, and Spark version 2.1.0 are used. To log on to the Spark console, you must configure the inbound rule that allows traffic over port 8080. | +| [data-analysis/existing-vpc-cluster-storm.yml](./solutions/data-analysis/existing-vpc-cluster-storm.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a Storm cluster. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0, Storm version 2.2.0, and ZooKeeper version 3.6.2 are used. To log on to the Storm console, you must configure the inbound rule that allows traffic over port 8081. | +| [data-analysis/existing-vpc-cluster-yarn.yml](./solutions/data-analysis/existing-vpc-cluster-yarn.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a Hadoop Yarn cluster. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0 and Hadoop version 2.7.7 are used. To log on to the Yarn console, you must configure the inbound rule that allows traffic over port 8088. To log on to the HDFS console, you must configure the inbound rule that allows traffic over port 50070. | +| [data-analysis/low-cost-offline-big-data-analysis-emr.yml](./solutions/data-analysis/low-cost-offline-big-data-analysis-emr.yml) | This template uses ROS to create cloud resources including EMR, Log Service, and OSS. After you track, collect, store, and ship e-commerce website logs, you can use EMR to analyze the logs and predict user consumption behavior. EMR can help you analyze mass offline big data at low costs. | +| [data-analysis/low-cost-offline-big-data-analysis.yml](./solutions/data-analysis/low-cost-offline-big-data-analysis.yml) | This template is used to build an offline big data analysis system in the cloud based on preemptible ECS instances and OSS buckets. Customers and frontline architects can use this system for PoC tests. | +| [data-analysis/sls-multi-cloud-log-processing-analysis.yml](./solutions/data-analysis/sls-multi-cloud-log-processing-analysis.yml) | This template is used to write data from third-party platforms or self-managed data centers to Log Service for data analysis. This simplifies O&M, facilitates operations, and improves the capability to process large amounts of logs. | +| [data-migration/low-cost-link-to-business-data.yml](./solutions/data-migration/low-cost-link-to-business-data.yml) | This template is used to migrate business data to the cloud. When you migrate a large amount of business data to the cloud, a large network bandwidth is required. This causes the BGP costs to increase. Alibaba Cloud provides static BGP EIP bandwidth plan for users such as China Unicom, China Mobile, and China Telecom. This helps reduce the costs to migrate data to the cloud. | +| [data-migration/self-built-hive-data-warehouse-migrated-to-emr.yml](./solutions/data-migration/self-built-hive-data-warehouse-migrated-to-emr.yml) | This solution uses ROS to create an on-premises Hadoop cluster and migrate the cluster data to an Alibaba Cloud E-MapReduce cluster. | +| [database/polardb-migration-from-rds.yml](./solutions/database/polardb-migration-from-rds.yml) | This template is used to migrate data from an ApsaraDB RDS for MySQL database or a self-managed MySQL database to a PolarDB for MySQL cluster. | +| [devops/container-application-devops-for-ack-cluster.yml](./solutions/devops/container-application-devops-for-ack-cluster.yml) | This template uses DevOps to automate the building of container applications or mini programs and facilitate continuous delivery. DevOps is a combination of best practices and tools that help enterprises deliver applications and services at high velocity. In the era of containers, the number of deployed applications grows larger. These applications also change faster, with some applications having requirements on autoscaling. To meet the requirements on agile deployment, continuous delivery is critical. | | [devops/deploy-zabbix-service.yml](./solutions/devops/deploy-zabbix-service.yml) | Zabbix is a Web-based, enterprise-grade, open source solution that provides distributed system monitoring and network monitoring capabilities to monitor and track the performance, availability, and health of various IT infrastructure components. | -| [enterprise-on-cloud/create-ddh-and-deploy-cloud-server.yml](./solutions/enterprise-on-cloud/create-ddh-and-deploy-cloud-server.yml) | This template demonstrates the best practices for migrating VMware systems that are deployed or hosted in an on-premises data center to DDH. You can use DDH to build a resource pool composed of dedicated physical servers on the cloud, and use ECS to take full advantage of the resource elasticity and pay-as-you-go billing model on the cloud. This way, you can build a highly reliable and scalable high-performance virtualization system that can meet enterprise-level requirements such as security, compliance, custom deployment, and Bring Your Own License (BYOL). This template helps create a dedicated host and deploy ECS instances. | -| [enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml](./solutions/enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml) | This template can create the resources required for e-commerce website building and database migration solutions. It serves as one of the best practices for enterprises to migrate to the cloud. | -| [enterprise-on-cloud/games-or-retail-single-db-single-service.yml](./solutions/enterprise-on-cloud/games-or-retail-single-db-single-service.yml) | This template demonstrates the best practices to migrate a single database on a server to the cloud at low costs and in an agile manner. This template is suitable for startups or companies in the retail and gaming industries, and companies that operate in the amoeba model that want to improve their scalability and minimize their operating costs. | -| [enterprise-on-cloud/image-storage-and-tool-env.yml](./solutions/enterprise-on-cloud/image-storage-and-tool-env.yml) | This template is used to migrate VMware systems that are deployed or hosted in on-premises data centers to dedicated hosts in the cloud. This template uses dedicated hosts to build a resource pool composed of dedicated physical servers in the cloud. This template also uses the virtualization technology provided by ECS to develop dynamically scalable virtualization systems of high performance and high reliability, which meet enterprise-grade requirements on security, compliance, custom deployment, and BYOL. Cloud resources used in the virtualization systems are highly scalable and billed on a pay-as-you-go basis. You can also use this template to store images and build tool environments. | +| [enterprise-on-cloud/create-ddh-and-deploy-cloud-server.yml](./solutions/enterprise-on-cloud/create-ddh-and-deploy-cloud-server.yml) | This template demonstrates the best practices for migrating VMware systems that are deployed or hosted in an on-premises data center to DDH. You can use DDH to build a resource pool composed of dedicated physical servers on the cloud, and use ECS to take full advantage of the resource elasticity and pay-as-you-go billing model on the cloud. This way, you can build a highly reliable and scalable high-performance virtualization system that can meet enterprise-level requirements such as security, compliance, custom deployment, and Bring Your Own License (BYOL). This template helps create a dedicated host and deploy ECS instances. | +| [enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml](./solutions/enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml) | This template can create the resources required for e-commerce website building and database migration solutions. It serves as one of the best practices for enterprises to migrate to the cloud. | +| [enterprise-on-cloud/games-or-retail-single-db-single-service.yml](./solutions/enterprise-on-cloud/games-or-retail-single-db-single-service.yml) | This template demonstrates the best practices to migrate a single database on a server to the cloud at low costs and in an agile manner. This template is suitable for startups or companies in the retail and gaming industries, and companies that operate in the amoeba model that want to improve their scalability and minimize their operating costs. | +| [enterprise-on-cloud/image-storage-and-tool-env.yml](./solutions/enterprise-on-cloud/image-storage-and-tool-env.yml) | This template is used to migrate VMware systems that are deployed or hosted in on-premises data centers to dedicated hosts in the cloud. This template uses dedicated hosts to build a resource pool composed of dedicated physical servers in the cloud. This template also uses the virtualization technology provided by ECS to develop dynamically scalable virtualization systems of high performance and high reliability, which meet enterprise-grade requirements on security, compliance, custom deployment, and BYOL. Cloud resources used in the virtualization systems are highly scalable and billed on a pay-as-you-go basis. You can also use this template to store images and build tool environments. | | [enterprise-on-cloud/internet-industry-high-elastic-system-construction.yml](./solutions/enterprise-on-cloud/internet-industry-high-elastic-system-construction.yml) | This template uses Auto Scaling and ApsaraDB for POLARDB to provide elasticity at both the application and database levels, and uses ApsaraDB for Redis and SLB to implement automatic disaster recovery across zones. This template can help you build an elastic, highly available system for the Internet industry. | -| [enterprise-on-cloud/kingdee-windows-server-on-cloud.yml](./solutions/enterprise-on-cloud/kingdee-windows-server-on-cloud.yml) | This template deploys Kingdee Cloud Galaxy 7.5 Enterprise Edition on an ECS instance in a new VPC. You must provide the Kingdee Cloud Galaxy license and SQL Server license separately. | -| [enterprise-on-cloud/move-server-using-custom-mirror.yml](./solutions/enterprise-on-cloud/move-server-using-custom-mirror.yml) | You can migrate servers running Windows or Linux from on-premises data centers, VMs, or cloud platform hosts to Alibaba Cloud ECS. This template can be used together with the template that uses the Cloud Migration tool to perform server migration. | -| [enterprise-on-cloud/move-server-with-migration-tool.yml](./solutions/enterprise-on-cloud/move-server-with-migration-tool.yml) | You can migrate servers running Windows or Linux from on-premises data centers, VMs, or cloud platform hosts to Alibaba Cloud ECS. This template uses the Cloud Migration tool to perform migration. | -| [enterprise-on-cloud/single-website-on-cloud-cloud-architecture.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-cloud-architecture.yml) | This template is used to bring a deployment architecture to the cloud. This template is suitable for small and medium-sized enterprises that want to bring their deployment architecture to the cloud after they deploy their website services of the standalone architecture to the cloud. This also allows enterprises to meet the requirements for elastic scaling. | -| [enterprise-on-cloud/single-website-on-cloud-stand-alone-server.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-stand-alone-server.yml) | This template is used to deploy standalone servers in the cloud. This template is suitable for small and medium-sized enterprises that want to scale their resources when they deploy their website services of the standalone architecture in the cloud. | -| [enterprise-on-cloud/single-website-on-cloud-stand-one-click.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-stand-one-click.yml) | This template is used to create a stack that includes resources such as VPCs, SLB instances, EIPs, ECS instances, and ApsaraDB RDS instances. Two ECS instances are required to install a WordPress image. After the stack is deployed, you can use the EIP generated on the Outputs tab of the stack details page to access the WordPress website. | -| [enterprise-on-cloud/vmware-on-elastic-bare-metal-server.yml](./solutions/enterprise-on-cloud/vmware-on-elastic-bare-metal-server.yml) | This template migrates a VMware environment to Alibaba Cloud ECS Bare Metal Instances. The template uses the elastic infrastructure provided by the cloud computing platform to smoothly migrate offline services to the cloud. | -| [high-performance-computing/ehpc-industrial-simulation.yml](./solutions/high-performance-computing/ehpc-industrial-simulation.yml) | This template uses E-HPC and OSS to run simulation software. In this practice, the simulation software is LAMMPS, and data is uploaded by using OSS. | -| [internet-network/enterprise-app-hotel-network.yml](./solutions/internet-network/enterprise-app-hotel-network.yml) | The migration of hotel PMSs to the cloud requires several days. Off-cloud and on-cloud hotel PMSs coexist for a long time. This template is used to build a hybrid cloud networking to ensure mutual access of PMSs between regions and branches on and off the cloud and meet the requirements of different-level enterprise nodes. For example, the headquarter IDC may require large bandwidth, high security, and strong reliability. | -| [internet-network/global-deployment-network-build-global-network.yml](./solutions/internet-network/global-deployment-network-build-global-network.yml) | In the online education industry, most teachers are not located in the same region or country as the students. For example, in scenario-based online English education programs, the teachers are based in North America, while the students are from various regions in China. This template can be used together with the template for building a resource environment in a single region to complete network planning for global deployment. | -| [internet-network/global-deployment-network-deploy-single-env.yml](./solutions/internet-network/global-deployment-network-deploy-single-env.yml) | In the online education industry, most teachers are not located in the same region or country as the students. For example, in scenario-based online English education programs, the teachers are based in North America, while the students are from various regions in China. This template helps build a resource environment in a single region. | -| [internet-network/landing-zone-cen-ack.yml](./solutions/internet-network/landing-zone-cen-ack.yml) | This template is used to plan networking between two ACK clusters across accounts in the same region by using a transit router to test the connectivity between the pods in the clusters. | -| [internet-network/landing-zone-cen-privatelink.yml](./solutions/internet-network/landing-zone-cen-privatelink.yml) | This template is used to create an endpoint service for Account A and Account B and establish an endpoint connection between the accounts to allow network access. | -| [internet-network/landing-zone-cen-tr-peer.yml](./solutions/internet-network/landing-zone-cen-tr-peer.yml) | This template is used to create VPC 1 and VPC 2 within Account A and to create VPC 3 and VPC 4 within Account B. A peering connection is established between VPC 2 and VPC 4 to reduce the traffic fees that are generated from communication between VPCs. For other VPC connections, a transit router is used to plan networking. This facilitates management of networks. | -| [internet-network/landing-zone-cen-tr.yml](./solutions/internet-network/landing-zone-cen-tr.yml) | This template is used to establish cross-region network connections between Account A and Account B by using Cloud Enterprise Network (CEN) instances and transit routers. This template is also used to add the virtual private cloud (VPC) of Account B to the CEN instances of Account A and Account B to enable mutual access between the networks. | -| [internet-network/multi-avaiable-areas-building-services.yml](./solutions/internet-network/multi-avaiable-areas-building-services.yml) | This template builds services across multiple zones in a region. It is ideal for users who have on-premises data centers and need to build a multi-region, multi-zone hybrid cloud with highly stable business architecture. Physical connection is the most efficient and stable method to connect an on-premises data center to a VPC. | -| [internet-network/multi-region-multi-area-network-interworking.yml](./solutions/internet-network/multi-region-multi-area-network-interworking.yml) | This template can be used with the template for building services across multiple zones in a region to build a multi-region, multi-zone hybrid cloud. It is ideal for users who have on-premises data centers and need to build a multi-region, multi-zone hybrid cloud with highly stable business architecture. Physical connection is the most efficient and stable method to connect an on-premises data center to a VPC. | -| [machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml](./solutions/machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml) | This template is used to build Kubernetes services, create on-premises clusters, and create elastic Alibaba Cloud GPU instances in the cloud. This template uses AIACC and CPFS to run AI training and AI inference jobs. This template is suitable for hybrid cloud scenarios. | -| [media-service/fpga-cloud-servers.yml](./solutions/media-service/fpga-cloud-servers.yml) | This template is used to deploy a real-time transcoding solution that provides high-quality images at low bit rates. This solution accelerates image and video transcoding and reduces transmission bandwidth. This allows you to minimize your bandwidth, transcoding, and storage costs. | -| [middleware/existing-vpc-cluster-kafka.yml](./solutions/middleware/existing-vpc-cluster-kafka.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0, Scala version 2.12, and Kafka version 0.10.2.2 are used. Application data is stored in the mounted data disk (mount directory of the data disk: /home/software; directory of Kafka bin: /home/software/kafka/bin). To log on to the Kafka Manager console, you must configure the inbound rule that allows access over TCP port 9000. | -| [middleware/existing-vpc-cluster-rabbitmq.yml](./solutions/middleware/existing-vpc-cluster-rabbitmq.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a RabbitMQ cluster of version 3.8.4, and uses SLB to evenly distribute network traffic to ensure high availability for the cluster. This template also uses Auto Scaling to scale the cluster. During a scaling activity, ROS creates EssRamRole to authorize OOS to add slave nodes to or remove slave nodes from the cluster. RabbitMQ is an open source message-broker software which uses AMQP in the architecture of the service. This software is robust, stable, and easy to use. You can use RabbitMQ to connect multiple clients and develop applications in multiple languages. To log on to the RabbitMQ console, you must configure the inbound rule that allows traffic over TCP port 15672. If a client needs to connect to RabbitMQ, you must configure the inbound rule that allows traffic over TCP port 5672. | -| [middleware/existing-vpc-cluster-zookeeper.yml](./solutions/middleware/existing-vpc-cluster-zookeeper.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a ZooKeeper cluster of version 3.6.2, and uses Auto Scaling to scale the cluster. During a scaling activity, ROS creates EssRamRole to authorize OOS to automatically add nodes to or remove nodes from the cluster. ZooKeeper is a distributed coordination service for applications. You can use ZooKeeper to manage nodes, elect leaders, and manage configurations. | -| [middleware/spring-cloud-netflix-migrate-edas.yml](./solutions/middleware/spring-cloud-netflix-migrate-edas.yml) | This template seamlessly migrates Spring Cloud applications to Container Service for Kubernetes at low costs, without changes to the calling method between applications. Kubernetes is a natural fit for microservices. This template takes full advantage of the elasticity of Kubernetes to meet application scale-out requirements. After Spring Cloud applications are containerized, resource utilization is greatly improved. | -| [mini-program/fc-mini-program-backend-service.yml](./solutions/mini-program/fc-mini-program-backend-service.yml) | This template is used to build backend services of the serverless architecture for mobile applications, mini programs, and web applications. You can accelerate access to static data stored in OSS by using CDN. You can also access data stored in ApsaraDB RDS by using API Gateway and Function Compute. This template frees you from server management and service running environment management. Cloud resources required by this template support auto scaling. | -| [security-rule/business-security-for-e-commerce-sites.yml](./solutions/security-rule/business-security-for-e-commerce-sites.yml) | This template is used to provide a complete protection solution for e-commerce websites in various scenarios, such as during account registration or O&M. This template can also be used to ensure the stability of your business during O&M, and to prevent promotion abuse so that discounts are directly offered to your users. | -| [security-rule/ram-account-rights-management.yml](./solutions/security-rule/ram-account-rights-management.yml) | This template is used to manage RAM users within a single account, group resources, configure permissions, and control access to cloud resources. For example, a company that runs an e-commerce website can use RAM to group resources, build an account-user system, grant permissions, strengthen system security, and perform periodic security inspection for R&D, test, production, or other business processes. | -| [serviceless-compute/fc-web-file-backend-service.yml](./solutions/serviceless-compute/fc-web-file-backend-service.yml) | This template is used to build website file processing services of the serverless architecture. You can use APIs, SDKs, or Alibaba Cloud Management Console to upload files to specified OSS buckets or update files. These files can be automatically compressed or decompressed, and you can obtain information such as MD5 hashed values and file metadata. | -| [studio-entertainment/game-business-zone-service-env.yml](./solutions/studio-entertainment/game-business-zone-service-env.yml) | This template is used to accelerate user access and enable partitioning and aggregation of gaming data. This helps you improve user game experience and increase retention rates and profitability. | -| [studio-entertainment/light-weight-gpu-deployed-cloud-games.yml](./solutions/studio-entertainment/light-weight-gpu-deployed-cloud-games.yml) | With the widespread application of AI in scenarios such as deep learning, video processing, scientific computing, and graphic visualization, the market demand for GPU instances is growing. However, the problem of excess computing power and rising costs caused by ultra-large-scale elastic computing starting out with a single physical GPU is becoming increasingly prominent. The emergence of lightweight GPUs has broken the limitations of the traditional pass-through mode. A lightweight GPU can provide finer-grained services than a physical GPU, allowing customers to conduct business more flexibly at lower costs. | -| [database/deploy-mysql-based-on-ebs.yml](./solutions/database/deploy-mysql-based-on-ebs.yml) | Deploy high-performance MySQL services based on EBS ESSD. | +| [enterprise-on-cloud/kingdee-windows-server-on-cloud.yml](./solutions/enterprise-on-cloud/kingdee-windows-server-on-cloud.yml) | This template deploys Kingdee Cloud Galaxy 7.5 Enterprise Edition on an ECS instance in a new VPC. You must provide the Kingdee Cloud Galaxy license and SQL Server license separately. | +| [enterprise-on-cloud/move-server-using-custom-mirror.yml](./solutions/enterprise-on-cloud/move-server-using-custom-mirror.yml) | You can migrate servers running Windows or Linux from on-premises data centers, VMs, or cloud platform hosts to Alibaba Cloud ECS. This template can be used together with the template that uses the Cloud Migration tool to perform server migration. | +| [enterprise-on-cloud/move-server-with-migration-tool.yml](./solutions/enterprise-on-cloud/move-server-with-migration-tool.yml) | You can migrate servers running Windows or Linux from on-premises data centers, VMs, or cloud platform hosts to Alibaba Cloud ECS. This template uses the Cloud Migration tool to perform migration. | +| [enterprise-on-cloud/single-website-on-cloud-cloud-architecture.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-cloud-architecture.yml) | This template is used to bring a deployment architecture to the cloud. This template is suitable for small and medium-sized enterprises that want to bring their deployment architecture to the cloud after they deploy their website services of the standalone architecture to the cloud. This also allows enterprises to meet the requirements for elastic scaling. | +| [enterprise-on-cloud/single-website-on-cloud-stand-alone-server.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-stand-alone-server.yml) | This template is used to deploy standalone servers in the cloud. This template is suitable for small and medium-sized enterprises that want to scale their resources when they deploy their website services of the standalone architecture in the cloud. | +| [enterprise-on-cloud/single-website-on-cloud-stand-one-click.yml](./solutions/enterprise-on-cloud/single-website-on-cloud-stand-one-click.yml) | This template is used to create a stack that includes resources such as VPCs, SLB instances, EIPs, ECS instances, and ApsaraDB RDS instances. Two ECS instances are required to install a WordPress image. After the stack is deployed, you can use the EIP generated on the Outputs tab of the stack details page to access the WordPress website. | +| [enterprise-on-cloud/vmware-on-elastic-bare-metal-server.yml](./solutions/enterprise-on-cloud/vmware-on-elastic-bare-metal-server.yml) | This template migrates a VMware environment to Alibaba Cloud ECS Bare Metal Instances. The template uses the elastic infrastructure provided by the cloud computing platform to smoothly migrate offline services to the cloud. | +| [high-performance-computing/ehpc-industrial-simulation.yml](./solutions/high-performance-computing/ehpc-industrial-simulation.yml) | This template uses E-HPC and OSS to run simulation software. In this practice, the simulation software is LAMMPS, and data is uploaded by using OSS. | +| [internet-network/enterprise-app-hotel-network.yml](./solutions/internet-network/enterprise-app-hotel-network.yml) | The migration of hotel PMSs to the cloud requires several days. Off-cloud and on-cloud hotel PMSs coexist for a long time. This template is used to build a hybrid cloud networking to ensure mutual access of PMSs between regions and branches on and off the cloud and meet the requirements of different-level enterprise nodes. For example, the headquarter IDC may require large bandwidth, high security, and strong reliability. | +| [internet-network/global-deployment-network-build-global-network.yml](./solutions/internet-network/global-deployment-network-build-global-network.yml) | In the online education industry, most teachers are not located in the same region or country as the students. For example, in scenario-based online English education programs, the teachers are based in North America, while the students are from various regions in China. This template can be used together with the template for building a resource environment in a single region to complete network planning for global deployment. | +| [internet-network/global-deployment-network-deploy-single-env.yml](./solutions/internet-network/global-deployment-network-deploy-single-env.yml) | In the online education industry, most teachers are not located in the same region or country as the students. For example, in scenario-based online English education programs, the teachers are based in North America, while the students are from various regions in China. This template helps build a resource environment in a single region. | +| [internet-network/landing-zone-cen-ack.yml](./solutions/internet-network/landing-zone-cen-ack.yml) | This template is used to plan networking between two ACK clusters across accounts in the same region by using a transit router to test the connectivity between the pods in the clusters. | +| [internet-network/landing-zone-cen-privatelink.yml](./solutions/internet-network/landing-zone-cen-privatelink.yml) | This template is used to create an endpoint service for Account A and Account B and establish an endpoint connection between the accounts to allow network access. | +| [internet-network/landing-zone-cen-tr-peer.yml](./solutions/internet-network/landing-zone-cen-tr-peer.yml) | This template is used to create VPC 1 and VPC 2 within Account A and to create VPC 3 and VPC 4 within Account B. A peering connection is established between VPC 2 and VPC 4 to reduce the traffic fees that are generated from communication between VPCs. For other VPC connections, a transit router is used to plan networking. This facilitates management of networks. | +| [internet-network/landing-zone-cen-tr.yml](./solutions/internet-network/landing-zone-cen-tr.yml) | This template is used to establish cross-region network connections between Account A and Account B by using Cloud Enterprise Network (CEN) instances and transit routers. This template is also used to add the virtual private cloud (VPC) of Account B to the CEN instances of Account A and Account B to enable mutual access between the networks. | +| [internet-network/multi-avaiable-areas-building-services.yml](./solutions/internet-network/multi-avaiable-areas-building-services.yml) | This template builds services across multiple zones in a region. It is ideal for users who have on-premises data centers and need to build a multi-region, multi-zone hybrid cloud with highly stable business architecture. Physical connection is the most efficient and stable method to connect an on-premises data center to a VPC. | +| [internet-network/multi-region-multi-area-network-interworking.yml](./solutions/internet-network/multi-region-multi-area-network-interworking.yml) | This template can be used with the template for building services across multiple zones in a region to build a multi-region, multi-zone hybrid cloud. It is ideal for users who have on-premises data centers and need to build a multi-region, multi-zone hybrid cloud with highly stable business architecture. Physical connection is the most efficient and stable method to connect an on-premises data center to a VPC. | +| [iot-cloud/iot-platform-device-data-on-the-cloud.yaml](./solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml) | This template uses the temperature and humidity sensor device as an example to describe how to connect the device to the Internet of Things platform, forward the data reported by the device to the functional computing FC, and finally push the data to the Dingpin group. | +| [machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml](./solutions/machine-learning-ai/hybrid-cloud-uses-ali-ai-acceleration-tools.yml) | This template is used to build Kubernetes services, create on-premises clusters, and create elastic Alibaba Cloud GPU instances in the cloud. This template uses AIACC and CPFS to run AI training and AI inference jobs. This template is suitable for hybrid cloud scenarios. | +| [media-service/fpga-cloud-servers.yml](./solutions/media-service/fpga-cloud-servers.yml) | This template is used to deploy a real-time transcoding solution that provides high-quality images at low bit rates. This solution accelerates image and video transcoding and reduces transmission bandwidth. This allows you to minimize your bandwidth, transcoding, and storage costs. | +| [middleware/existing-vpc-cluster-kafka.yml](./solutions/middleware/existing-vpc-cluster-kafka.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group. The ECS instance that is assigned an EIP is the management node. Auto Scaling manages the remaining ECS instances. Java JDK version 1.8.0, Scala version 2.12, and Kafka version 0.10.2.2 are used. Application data is stored in the mounted data disk (mount directory of the data disk: /home/software; directory of Kafka bin: /home/software/kafka/bin). To log on to the Kafka Manager console, you must configure the inbound rule that allows access over TCP port 9000. | +| [middleware/existing-vpc-cluster-rabbitmq.yml](./solutions/middleware/existing-vpc-cluster-rabbitmq.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a RabbitMQ cluster of version 3.8.4, and uses SLB to evenly distribute network traffic to ensure high availability for the cluster. This template also uses Auto Scaling to scale the cluster. During a scaling activity, ROS creates EssRamRole to authorize OOS to add slave nodes to or remove slave nodes from the cluster. RabbitMQ is an open source message-broker software which uses AMQP in the architecture of the service. This software is robust, stable, and easy to use. You can use RabbitMQ to connect multiple clients and develop applications in multiple languages. To log on to the RabbitMQ console, you must configure the inbound rule that allows traffic over TCP port 15672. If a client needs to connect to RabbitMQ, you must configure the inbound rule that allows traffic over TCP port 5672. | +| [middleware/existing-vpc-cluster-zookeeper.yml](./solutions/middleware/existing-vpc-cluster-zookeeper.yml) | This template is used to create multiple ECS instances based on an existing VPC, vSwitch, and security group to deploy a ZooKeeper cluster of version 3.6.2, and uses Auto Scaling to scale the cluster. During a scaling activity, ROS creates EssRamRole to authorize OOS to automatically add nodes to or remove nodes from the cluster. ZooKeeper is a distributed coordination service for applications. You can use ZooKeeper to manage nodes, elect leaders, and manage configurations. | +| [middleware/spring-cloud-netflix-migrate-edas.yml](./solutions/middleware/spring-cloud-netflix-migrate-edas.yml) | This template seamlessly migrates Spring Cloud applications to Container Service for Kubernetes at low costs, without changes to the calling method between applications. Kubernetes is a natural fit for microservices. This template takes full advantage of the elasticity of Kubernetes to meet application scale-out requirements. After Spring Cloud applications are containerized, resource utilization is greatly improved. | +| [mini-program/fc-mini-program-backend-service.yml](./solutions/mini-program/fc-mini-program-backend-service.yml) | This template is used to build backend services of the serverless architecture for mobile applications, mini programs, and web applications. You can accelerate access to static data stored in OSS by using CDN. You can also access data stored in ApsaraDB RDS by using API Gateway and Function Compute. This template frees you from server management and service running environment management. Cloud resources required by this template support auto scaling. | +| [security-rule/business-security-for-e-commerce-sites.yml](./solutions/security-rule/business-security-for-e-commerce-sites.yml) | This template is used to provide a complete protection solution for e-commerce websites in various scenarios, such as during account registration or O&M. This template can also be used to ensure the stability of your business during O&M, and to prevent promotion abuse so that discounts are directly offered to your users. | +| [security-rule/ram-account-rights-management.yml](./solutions/security-rule/ram-account-rights-management.yml) | This template is used to manage RAM users within a single account, group resources, configure permissions, and control access to cloud resources. For example, a company that runs an e-commerce website can use RAM to group resources, build an account-user system, grant permissions, strengthen system security, and perform periodic security inspection for R&D, test, production, or other business processes. | +| [serviceless-compute/fc-web-file-backend-service.yml](./solutions/serviceless-compute/fc-web-file-backend-service.yml) | This template is used to build website file processing services of the serverless architecture. You can use APIs, SDKs, or Alibaba Cloud Management Console to upload files to specified OSS buckets or update files. These files can be automatically compressed or decompressed, and you can obtain information such as MD5 hashed values and file metadata. | +| [studio-entertainment/game-business-zone-service-env.yml](./solutions/studio-entertainment/game-business-zone-service-env.yml) | This template is used to accelerate user access and enable partitioning and aggregation of gaming data. This helps you improve user game experience and increase retention rates and profitability. | +| [studio-entertainment/light-weight-gpu-deployed-cloud-games.yml](./solutions/studio-entertainment/light-weight-gpu-deployed-cloud-games.yml) | With the widespread application of AI in scenarios such as deep learning, video processing, scientific computing, and graphic visualization, the market demand for GPU instances is growing. However, the problem of excess computing power and rising costs caused by ultra-large-scale elastic computing starting out with a single physical GPU is becoming increasingly prominent. The emergence of lightweight GPUs has broken the limitations of the traditional pass-through mode. A lightweight GPU can provide finer-grained services than a physical GPU, allowing customers to conduct business more flexibly at lower costs. | +| [database/deploy-mysql-based-on-ebs.yml](./solutions/database/deploy-mysql-based-on-ebs.yml) | Deploy high-performance MySQL services based on EBS ESSD. |
diff --git a/solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml b/solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml new file mode 100644 index 00000000..6c97e631 --- /dev/null +++ b/solutions/iot-cloud/iot-platform-device-data-on-the-cloud.yaml @@ -0,0 +1,565 @@ +ROSTemplateFormatVersion: '2015-09-01' +Description: + en: Iot platform device data on the cloud. + zh-cn: 物联网平台设备数据上云。 +Parameters: + ZoneId: + Type: String + Label: + en: VSwitch Availability Zone + zh-cn: 可用区ID + Description: + en: Availability Zone ID,
note: Before selecting, please confirm that the Availability Zone supports the specification of creating ECS resources. + zh-cn: 可用区ID。
注: 选择可用区前请确认该可用区是否支持创建ECS资源的规格。 + AssociationProperty: ALIYUN::ECS::Instance:ZoneId + InstanceType: + Type: String + Label: + en: Instance Type + zh-cn: 实例类型 + Description: + en: 'Fill in the specifications that can be used under the VSwitch availability zone;
general specifications:ecs.c5.large
note: a few zones do not support general specifications
see detail: Instance Specification Family' + zh-cn: 填写VSwitch可用区下可使用的规格;
通用规格:ecs.c5.large
注:可用区可能不支持通用规格
规格详见:实例规格族 + AssociationProperty: ALIYUN::ECS::Instance::InstanceType + AssociationPropertyMetadata: + ZoneId: ZoneId + SystemDiskCategory: + Type: String + Label: + en: System Disk Type + zh-cn: 系统盘类型 + Description: + en: 'Optional values:
[cloud_efficiency: Efficient Cloud Disk]
[cloud_ssd: SSD Cloud Disk]
[cloud_essd: ESSD Cloud Disk]
[cloud: Cloud Disk]
[ephemeral_ssd: Local SSD Cloud Disk]' + zh-cn: '可选值:
[cloud_efficiency: 高效云盘]
[cloud_ssd: SSD云盘]
[cloud_essd: ESSD云盘]
[cloud: 普通云盘]
[ephemeral_ssd: 本地SSD盘]' + AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory + AssociationPropertyMetadata: + LocaleKey: DiskCategory + InstanceType: ${InstanceType} + ZoneId: ZoneId + InstancePassword: + Type: String + Label: + en: Instance Password + zh-cn: 实例密码 + Description: + en: Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in). + zh-cn: 服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。 + ConstraintDescription: + en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in). + zh-cn: 长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。 + AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$' + MinLength: 8 + MaxLength: 30 + NoEcho: true + CommonName: + Type: String + Default: iot_cloud + DeviceName: + Type: String + Label: + en: Device Name + zh-cn: 设备名称 + ProductKey: + Type: String + Label: + en: Product Key + zh-cn: 产品密钥 + DeviceSecret: + Type: String + Label: + en: Device Secret + zh-cn: 设备密钥 + Host: + Type: String + Label: + en: The MQTT device Host + zh-cn: MQTT设备接入域名(VPC内地址) + Description: + en: How to get access to a domain name, Please see manage instances terminal node . + zh-cn: 获取接入域名的方法,请参见管理实例终端节点。 + AccessToken: + Type: String + Label: + en: Access Token + zh-cn: Access Token + Description: + en: The value of AccessToken from the Webhook address of the internal enterprise application robot. + zh-cn: 企业内部应用机器人Webhook地址中AccessToken的值。 +Resources: + ResourceManagerResourceGroup: + Type: ALIYUN::ResourceManager::ResourceGroup + Properties: + DisplayName: IoT-Resource-Group + Name: + Fn::Join: + - '-' + - - IoT + - Fn::Select: + - 0 + - Fn::Split: + - '-' + - Ref: ALIYUN::StackId + Vpc: + Type: ALIYUN::ECS::VPC + DependsOn: + - ResourceManagerResourceGroup + Properties: + VpcName: + Fn::Sub: ${CommonName}_VPC_IOT + CidrBlock: 192.168.0.0/16 + ResourceGroupId: + Ref: ResourceManagerResourceGroup + VSwitch: + Type: ALIYUN::ECS::VSwitch + Properties: + ZoneId: + Ref: ZoneId + VpcId: + Ref: Vpc + VSwitchName: + Fn::Sub: ${CommonName}_vsw_001 + CidrBlock: 192.168.1.0/24 + SecurityGroup: + Type: ALIYUN::ECS::SecurityGroup + DependsOn: + - ResourceManagerResourceGroup + Properties: + VpcId: + Ref: Vpc + SecurityGroupName: + Fn::Sub: ${CommonName}_SecurityGroup_1 + ResourceGroupId: + Ref: ResourceManagerResourceGroup + InstanceGroup: + Type: ALIYUN::ECS::InstanceGroup + DependsOn: + - ResourceManagerResourceGroup + Properties: + VpcId: + Ref: Vpc + InstanceName: + Fn::Sub: ${CommonName}_APP001 + VSwitchId: + Ref: VSwitch + SecurityGroupId: + Ref: SecurityGroup + ImageId: aliyun_3_x64_20G_alibase_20230727.vhd + SystemDiskSize: 20 + InstanceType: + Ref: InstanceType + SystemDiskCategory: + Ref: SystemDiskCategory + Password: + Ref: InstancePassword + IoOptimized: optimized + MaxAmount: 1 + ResourceGroupId: + Ref: ResourceManagerResourceGroup + InstanceRunCommand: + Type: 'ALIYUN::ECS::RunCommand' + Properties: + InstanceIds: + - Ref: InstanceGroup + Sync: true + Type: RunShellScript + Timeout: '300' + CommandContent: + 'Fn::Sub': >- + #!/bin/bash + + sudo yum install -y nodejs + + cat >/root/iot_device.js << 'EOF' + + const mqtt = require("aliyun-iot-mqtt"); + + // 1. 设备身份信息 + + var options = { + productKey: "${ProductKey}", + deviceName: "${DeviceName}", + deviceSecret: "${DeviceSecret}", + host: "${Host}", + }; + + // 2. 建立MQTT连接 + + const client = mqtt.getAliyunIotMqttClient(options); + //订阅云端指令Topic + + client.subscribe("/${ProductKey}/${DeviceName}/c"); + client.on("message", function (topic, message) { + console.log("topic " + topic); + console.log("message " + message); + }); + + setInterval(function () { + // 3.定时上报温湿度数据 + + client.publish( + "/sys/${ProductKey}/${DeviceName}/thing/event/property/post", + getPostData(), + { qos: 0 } + ); + }, 5 * 1000); + + function getPostData() { + const payloadJson = { + id: Date.now(), + version: "1.0", + params: { + temperature: Math.floor(Math.random() * 20 + 10), + humidity: Math.floor(Math.random() * 20 + 10), + }, + method: "thing.event.property.post", + }; + console.log("payloadJson " + JSON.stringify(payloadJson)); + return JSON.stringify(payloadJson); + } + + EOF + + cd /root + + npm config set registry https://registry.npm.taobao.org + + npm install aliyun-iot-mqtt -S + + nohup node iot_device.js & + RamUser: + Type: ALIYUN::RAM::User + Properties: + UserName: + Fn::Join: + - '-' + - - IoT-Test + - Ref: ALIYUN::StackId + CustomPolicy: + Type: ALIYUN::RAM::ManagedPolicy + Properties: + PolicyName: + Fn::Join: + - '-' + - - IoT-FC + - Ref: ALIYUN::StackId + PolicyDocument: + Version: '1' + Statement: + - Effect: Allow + Action: + - fc:ListServices + - fc:ListFunctions + - fc:GetService + - fc:GetFunction + - fc:CreateFunction + - fc:CreateService + - fc:DeleteFunction + - fc:DeleteService + - fc:GetFunctionCode + - fc:InvokeFunction + Resource: + - '*' + AliyunIOTAccessingFCRolePolicy: + Type: ALIYUN::RAM::ManagedPolicy + Properties: + PolicyName: + Fn::Join: + - '-' + - - AliyunIOTAccessingFCRole + - Ref: ALIYUN::StackId + PolicyDocument: + Version: '1' + Statement: + - Action: + - ram:AttachPolicyToRole + - ram:CreateRole + Resource: + - acs:ram:*:system:policy/AliyunIOTAccessingFCRolePolicy + - acs:ram:*:*:role/AliyunIOTAccessingFCRole + Effect: Allow + AttachCustomPolicyToUser: + DependsOn: + - CustomPolicy + - RamUser + Type: ALIYUN::RAM::AttachPolicyToUser + Properties: + PolicyType: Custom + UserName: + Fn::GetAtt: + - RamUser + - UserName + PolicyName: + Fn::GetAtt: + - CustomPolicy + - PolicyName + AttachAliyunIOTAccessingFCRolePolicyToUser: + DependsOn: + - AliyunIOTAccessingFCRolePolicy + - RamUser + Type: ALIYUN::RAM::AttachPolicyToUser + Properties: + PolicyType: Custom + UserName: + Fn::GetAtt: + - RamUser + - UserName + PolicyName: + Fn::GetAtt: + - AliyunIOTAccessingFCRolePolicy + - PolicyName + AliyunBSSOrderAccessPolicyAttachment: + Type: ALIYUN::ResourceManager::PolicyAttachment + DependsOn: + - ResourceManagerResourceGroup + Properties: + PolicyType: System + ResourceGroupId: + Ref: ResourceManagerResourceGroup + PolicyName: AliyunBSSOrderAccess + PrincipalName: + Fn::Join: + - '' + - - Ref: RamUser + - '@' + - Fn::GetAtt: + - ResourceManagerResourceGroup + - AccountId + - .onaliyun.com + PrincipalType: IMSUser + AliyunVPCReadOnlyAccessPolicyAttachment: + Type: ALIYUN::ResourceManager::PolicyAttachment + DependsOn: + - ResourceManagerResourceGroup + Properties: + PolicyType: System + ResourceGroupId: + Ref: ResourceManagerResourceGroup + PolicyName: AliyunVPCReadOnlyAccess + PrincipalName: + Fn::Join: + - '' + - - Ref: RamUser + - '@' + - Fn::GetAtt: + - ResourceManagerResourceGroup + - AccountId + - .onaliyun.com + PrincipalType: IMSUser + AliyunECSFullAccessPolicyAttachment: + Type: ALIYUN::ResourceManager::PolicyAttachment + DependsOn: + - ResourceManagerResourceGroup + Properties: + PolicyType: System + ResourceGroupId: + Ref: ResourceManagerResourceGroup + PolicyName: AliyunECSFullAccess + PrincipalName: + Fn::Join: + - '' + - - Ref: RamUser + - '@' + - Fn::GetAtt: + - ResourceManagerResourceGroup + - AccountId + - .onaliyun.com + PrincipalType: IMSUser + AliyunVPCFullAccessPolicyAttachment: + Type: ALIYUN::ResourceManager::PolicyAttachment + DependsOn: + - ResourceManagerResourceGroup + Properties: + PolicyType: System + ResourceGroupId: + Ref: ResourceManagerResourceGroup + PolicyName: AliyunVPCFullAccess + PrincipalName: + Fn::Join: + - '' + - - Ref: RamUser + - '@' + - Fn::GetAtt: + - ResourceManagerResourceGroup + - AccountId + - .onaliyun.com + PrincipalType: IMSUser + AliyunIOTFullAccessPolicyAttachment: + Type: ALIYUN::ResourceManager::PolicyAttachment + DependsOn: + - ResourceManagerResourceGroup + Properties: + PolicyType: System + ResourceGroupId: + Ref: ResourceManagerResourceGroup + PolicyName: AliyunIOTFullAccess + PrincipalName: + Fn::Join: + - '' + - - Ref: RamUser + - '@' + - Fn::GetAtt: + - ResourceManagerResourceGroup + - AccountId + - .onaliyun.com + PrincipalType: IMSUser + CustomPolicyAttachment: + Type: ALIYUN::ResourceManager::PolicyAttachment + DependsOn: + - CustomPolicy + - ResourceManagerResourceGroup + - RamUser + Properties: + PolicyType: Custom + ResourceGroupId: + Ref: ResourceManagerResourceGroup + PolicyName: + Ref: CustomPolicy + PrincipalName: + Fn::Join: + - '' + - - Ref: RamUser + - '@' + - Fn::GetAtt: + - ResourceManagerResourceGroup + - AccountId + - .onaliyun.com + PrincipalType: IMSUser + FcService: + Type: ALIYUN::FC::Service + Properties: + InternetAccess: true + ServiceName: + Fn::Join: + - '-' + - - IoT_Service + - Ref: ALIYUN::StackId + Function: + Type: ALIYUN::FC::Function + Properties: + ServiceName: + Fn::GetAtt: + - FcService + - ServiceName + FunctionName: pushData2DingTalk + Handler: index.handler + Runtime: nodejs14 + Code: + SourceCode: + 'Fn::Sub': >- + const https = require("https"); + const accessToken = "${AccessToken}"; + module.exports.handler = function (event, context, callback) { + var eventJson = JSON.parse(event.toString()); + //钉钉消息格式 + const postData = JSON.stringify({ + msgtype: "markdown", + markdown: { + title: "温湿度传感器", + text: + "#### 温湿度传感器上报\n" + + "> 设备位置:" + + eventJson.tag + + "\n\n" + + "> 设备编号:" + + eventJson.isn + + "\n\n" + + "> 实时温度:" + + eventJson.temperature + + "℃\n\n" + + "> 相对湿度:" + + eventJson.humidity + + "%\n\n" + + "> ###### " + + eventJson.time + + " 发布 by [物联网平台](https://www.aliyun.com/product/iot) \n", + }, + at: { + isAtAll: false, + }, + }); + const options = { + hostname: "oapi.dingtalk.com", + port: 443, + path: "/robot/send?access_token=" + accessToken, + method: "POST", + headers: { + "Content-Type": "application/json", + "Content-Length": Buffer.byteLength(postData), + }, + }; + const req = https.request(options, (res) => { + res.setEncoding("utf8"); + res.on("data", (chunk) => {}); + res.on("end", () => { + callback(null, "success"); + }); + }); + // 异常返回 + req.on("error", (e) => { + callback(e); + }); + // 写入数据 + req.write(postData); + req.end(); + }; +Outputs: + FcService: + Description: + en: Fc Service. + zh-cn: FC 服务。 + Value: + Fn::GetAtt: + - FcService + - ServiceName + RamUser: + Description: + en: Ram User + zh-cn: RAM用户名称。 + Value: + Fn::GetAtt: + - RamUser + - UserName + ResourceManagerResourceGroup: + Description: + en: Resource Manager Resource Group Display Name + zh-cn: 资源组显示名称。 + Value: + Fn::GetAtt: + - ResourceManagerResourceGroup + - DisplayName + InstanceGroup: + Description: + en: ECS Instance ID. + zh-cn: 实例ID。 + Value: + Fn::GetAtt: + - InstanceGroup + - InstanceIds +Metadata: + ALIYUN::ROS::Interface: + ParameterGroups: + - Parameters: + - ZoneId + - InstanceType + - SystemDiskCategory + - InstancePassword + Label: + en: ECS Configuration + zh-cn: ECS配置 + - Parameters: + - DeviceName + - ProductKey + - DeviceSecret + - Host + Label: + en: IOT Configuration + zh-cn: IOT配置 + - Parameters: + - AccessToken + Label: + en: Webhook + zh-cn: Webhook + TemplateTags: + - acs:solution:iot_cloud:物联网平台设备数据上云 + Hidden: + - CommonName