Connect an IoT device to an ECS instance

This topic describes how to use Cloud Connector (CC) to connect an Internet of Things (IoT) device to an Elastic Compute Service (ECS) instance on Alibaba Cloud. You can use CC to secure data transmission and reduce the time for connecting to cloud services.

Scenarios

The following scenario is used as an example in this topic. An IoT device in the China (Hangzhou) region needs to access ECS instances on Alibaba Cloud. You can use CC to create a secure and reliable connection between the IoT device and the ECS instances.

Figure: Access ECS instances

Prerequisites

  • CC is activated. For more information, see Activate Cloud Connector.
  • An IoT card is purchased and activated, and a dedicated Access Point Name (APN) is obtained. For more information, see Purchase an IoT card.
  • A virtual private cloud (VPC) in which you want to deploy a CC instance is created. A primary vSwitch is created in one zone, and a secondary vSwitch is created in another zone. For more information, see Create a VPC and a vSwitch.
    Note: Make sure that the vSwitches and the CC instance are deployed in the same region.
  • ECS1 and ECS2 are created in the VPC. For more information, see Custom launch ECS instances.

The following table describes how networks are planned in this example.

Node | Network
IoT device | IP address: 10.193.XX.XX
VPC | CIDR block: 172.16.0.0/24
ECS | IP address of ECS1: 172.16.10.1; IP address of ECS2: 172.16.10.10

Procedure

Step 1: Create a CC instance

  1. Log on to the Cloud Connector console.
  2. In the top navigation bar, select the region where you want to create the CC instance.
  3. On the Instances page, click Create Instance.
  4. On the Create Instance page, set the following parameters and click Complete.
    Parameter | Description
    Basic information
    Region | Displays the region where you want to deploy the CC instance. In this example, China (Hangzhou) is displayed.
    Name | Enter a name for the CC instance.
    ISP | Select an Internet service provider (ISP). In this example, China Unicom is selected.
    APN | Select an APN. In this example, a dedicated APN for IoT cards is selected.
    Network Settings
    VPC | Select the VPC that you created. Your IoT device can access the VPC through the CC instance.
    vSwitch | Select the vSwitches that you created in two different zones in the China (Hangzhou) region.
    Note
    • After the CC instance is created, you cannot change the specified APN or ISP.
    • When you create a CC instance, the system checks whether the AliyunServiceRoleForCCIoT and AliyunServiceRoleForNatgw service-linked roles are created. If the service-linked roles do not exist, the system automatically creates the roles. For more information, see AliyunServiceRoleForCCIoT and AliyunServiceRoleForNatgw.

Step 2: Add the IP address of the IoT device

To enable access to the ECS instances, you must add the IP address of the IoT device to the CC instance. Make sure that the IP address meets the following requirements:
  • The IP address that is assigned to the IoT device matches the dedicated access point name (APN) that you specify when you create the CC instance.
  • The IP address is not associated with another CC instance.
  1. On the Instances page, find the CC instance that you want to manage and click Associate IP Address in the Actions column.
  2. On the IP Management tab, click Download Template, add one or more IP addresses to the template, and then save the file. In this example, the IP address 10.193.XX.XX is added.
  3. On the IP Management tab, click Add IP Address.
  4. In the Add IP Address dialog box, set the following parameters and click OK:
    1. Add Type: Select a type. In this example, IP Address is selected.
    2. Upload IP Address: Click Select File, and select the file that you saved in Step 2. After the file is uploaded, click OK.
    Note: You can upload only CSV files.

Step 3: Configure an authorization rule

Before the IoT device can access the ECS instances, you must configure an authorization rule for the CC instance. When you configure the authorization rule, you must set the destination to the private IP addresses of the ECS instances that you want to access.

  1. On the Instances page, find the target Cloud Connector instance, and in the Actions column, click Configure Authorization Rule.

  2. On the Authorization Rules tab, choose Authorization Rules > Add Rule.
  3. In the Add Rule dialog box, set the following parameters and click OK.
    Parameter | Description
    Rule Name | Enter a name for the authorization rule.
    Destination | Specify the destination.
      1. Select a destination type. Valid values: Domain Name and CIDR Block. In this example, CIDR Block is selected.
      2. Enter a domain name, an IP address, or a CIDR block based on the specified destination type. In this topic, 172.16.0.0/24 is used. This is the CIDR block of the VPC to which the ECS instances belong.
    Action | Select an action. In this example, Allow is selected.
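
The following pre-flight check is an added example, not part of the Cloud Connector documentation or tooling: it verifies that the CIDR destination of an Allow rule contains the ECS private IP addresses it is meant to reach, and reports how many other addresses the rule also permits. The function names are hypothetical. The first call uses the values printed in this topic, where 172.16.10.1 and 172.16.10.10 fall outside 172.16.0.0/24; the second uses constructed addresses.

```python
import ipaddress


def smallest_covering_cidr(hosts):
    """Return the narrowest single CIDR block that contains every host."""
    net = ipaddress.ip_network(f"{hosts[0]}/32")
    while not all(h in net for h in hosts):
        net = net.supernet()  # widen the prefix by one bit
    return net


def audit_rule(destination, targets, vpc_cidr):
    """Compare an Allow rule's CIDR destination with the hosts it should reach.

    Raises ValueError if a CIDR has host bits set (for example 172.16.10.1/24),
    which usually means a host address was typed where a network was intended.
    """
    rule = ipaddress.ip_network(destination)
    vpc = ipaddress.ip_network(vpc_cidr)
    hosts = [ipaddress.ip_address(t) for t in targets]
    return {
        # Targets the rule does not allow: traffic to them would not match.
        "not_covered": [str(h) for h in hosts if h not in rule],
        # Targets that are not inside the planned VPC CIDR block at all.
        "outside_vpc": [str(h) for h in hosts if h not in vpc],
        # Addresses the rule allows beyond the intended targets.
        "extra_addresses": rule.num_addresses - sum(h in rule for h in hosts),
        # Least-privilege alternative to allowing the whole VPC block.
        "narrowest_cidr": str(smallest_covering_cidr(hosts)),
    }


# Values as printed in this topic (rule destination, ECS1/ECS2, VPC CIDR).
PAGE = audit_rule("172.16.0.0/24", ["172.16.10.1", "172.16.10.10"], "172.16.0.0/24")

# Constructed plan in which both instances sit inside the VPC CIDR block.
CONSTRUCTED = audit_rule("172.16.0.0/24", ["172.16.0.11", "172.16.0.12"], "172.16.0.0/24")

if __name__ == "__main__":
    for label, report in (("page values", PAGE), ("constructed", CONSTRUCTED)):
        print(label)
        for key, value in report.items():
            print(f"  {key}: {value}")
```

A non-empty not_covered list means the connectivity test in Step 4 cannot succeed for those instances; a large extra_addresses value means the rule grants the device access to more of the VPC than the instances it needs.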

Step 4: Test the network connectivity

  1. Insert the IoT card into the IoT device.
  2. Log on to the IoT device, open the CLI, and ping the IP address of ECS1 or ECS2 to test the network connectivity. In this topic, the IP address of ECS1 is pinged. If you can receive echo reply packets, the connection is established.
     ping <Private IP address of ECS1> 
Note: The test method varies based on the IoT device. For more information, see the user guide of your IoT device.