DocsICP FilingConsole
官方文档
首页

Manage ENIs

更新时间:
复制 MD 格式
产品详情
我的收藏

Elastic Network Interfaces (ENIs) help you build high availability clusters, implement low-cost failover, and perform fine-grained network management. You can modify, detach, and delete ENIs in the console or by calling OpenAPI operations.

Modify ENI properties

You can modify the properties of an ENI. For a secondary ENI, you can modify its name, description, and associated security groups. For a primary ENI, you can modify only its name and description. To change the security groups associated with a primary ENI, you must change the security groups of the ECS instance to which the ENI is attached.

Notes

To change the security groups associated with an ENI, note the following:

  • The rules of the security groups associated with an ECS instance apply to the primary ENI of the instance. The primary ENI is added to the same security groups as the instance. If you want to change the security groups for the primary ENI, change the security groups for the ECS instance. For more information, see Add an instance to, remove an instance from, or change the security group of an instance.

  • A secondary ENI must be associated with at least one security group. Each secondary ENI of an ECS instance can be associated with a limited number of security groups. For more information, see the Limits section of the "Limits" topic.

  • The secondary ENIs of an ECS instance and the security groups to which you want to add the secondary ENIs must use the same network type. If the secondary ENIs of the ECS instance and the security groups use the VPC network type, they must belong to the same VPC.

  • A secondary ENI can be added only to security groups that are of the same type (basic or advanced). For more information, see Basic and advanced security groups.

Procedure

You can modify the name and description of primary and secondary ENIs, and the security groups associated with secondary ENIs, in the console or by calling an API operation.

Modify in the console

  1. Go to ECS console - Elastic Network Interfaces.

  2. In the top navigation bar, select the region and resource group of the resource that you want to manage. Region

  3. Click the ID of the target ENI to go to its details page.

    image

    • ENI Name: Click the 编辑 icon and set a new name for the ENI as prompted.

    • Description: Click the 编辑 icon and modify the description of the ENI as prompted.

    • Change Security Groups: Click Change Security Groups. In the Change Security Groups dialog box, you can add the instance to a new security group or remove it from an existing one. The instance must belong to at least one security group.

Modify by calling an API operation

  • You can call the ModifyNetworkInterfaceAttribute API operation to modify the properties of an ENI, such as its name, description, and associated security groups.

  • After the modification is complete, you can call the DescribeNetworkInterfaceAttribute operation to query the properties of the ENI by specifying its NetworkInterfaceId.

Detach an ENI

If your instance has multiple ENIs attached, you can detach the secondary ENIs that you no longer need.

Limits

  • The primary ENI is released with the instance and cannot be detached.

  • The instance from which you want to detach an ENI must be in the Stopped or Running state.

    Some instance types do not support hot-swapping. For these instance types, you can detach a secondary ENI only when the instance is in the stopped state.

    ECS instance types that do not support the hot swapping feature of secondary ENIs

    Instance family

    Instance type

    s6, shared standard instance family

    ecs.s6-c1m1.small, ecs.s6-c1m2.large, ecs.s6-c1m2.small, ecs.s6-c1m4.large, and ecs.s6-c1m4.small

    e, economy instance family

    ecs.e-c1m1.large, ecs.e-c1m2.large, ecs.e-c1m4.large, ecs.e-c4m1.large, and ecs.e-c2m1.large

    t6, burstable instance family

    ecs.t6-c1m1.large, ecs.t6-c1m2.large, ecs.t6-c1m4.large, ecs.t6-c2m1.large, and ecs.t6-c4m1.large

    t5, burstable instance family

    ecs.t5-c1m1.large, ecs.t5-c1m2.large, ecs.t5-c1m4.large, ecs.t5-lc1m1.small, ecs.t5-lc1m2.large, ecs.t5-lc1m2.small, ecs.t5-lc1m4.large, and ecs.t5-lc2m1.nano

    xn4, n4, mn4, and e4, previous-generation shared instance families

    • ecs.xn4.small

    • ecs.n4.small and ecs.n4.large

    • ecs.mn4.small and ecs.mn4.large

    • ecs.e4.small and ecs.e4.large

  • If your secondary ENI has elastic Remote Direct Memory Access (eRDMA) enabled (the NIC is Secondary ENI (Elastic RDMA Interface)), check if any applications are using eRDMA. If they are, stop the applications first. Otherwise, the eRDMA kernel cannot detach the eRDMA-enabled secondary ENI because user mode processes are still running.

    How to view and stop applications that are using eRDMA

    1. Remotely connect to the Linux instance.

      For more information, see Log on to a Linux instance using Workbench.

    2. Run the following command to view the reference count of the eRDMA kernel module:

      lsmod | grep erdma

      • If the count is 0, no further action is required.

        image

      • If the count is not 0, an application is using eRDMA. You must stop the application first.

        image

    3. Query and stop the applications that are using eRDMA until the reference count of the eRDMA kernel module becomes 0.

      Example command:

      image

Procedure

Detach in the console

  1. Go to ECS console - Elastic Network Interfaces.

  2. In the top navigation bar, select the region and resource group of the resource that you want to manage. Region

  3. Find the target secondary ENI that is in the InUse state. In the Operation column, click Unbind.

  4. In the Unbind dialog box, review the information and click OK.

    Refresh the list. If the status of the elastic network interface (ENI) is Available, the ENI is disassociated from the instance.

Detach by calling an API operation

You can call the DetachNetworkInterface operation to detach an ENI from an instance. Specify the NetworkInterfaceId of the ENI and the InstanceId of the instance.

  • If you manually configured an ENI by modifying its network configuration file, you must delete or modify the file after you detach the ENI. Then, restart the network service to apply the changes. For more information, see Method 2: Manually configure the ENI using a network configuration file.

  • After you detach an ENI from an instance, you can attach it to another existing ECS instance in the same VPC and zone. You can also select an ENI in the Available state in the same VPC and zone to use as the primary or secondary ENI when you create an instance. This lets you reuse network configurations and ENI features. For more information about attaching an ENI, see Create and use an ENI.

Manage ENIs by category

As your number of cloud resources increases, managing them can become challenging. To simplify resource management, you can use tags to categorize resources that share common characteristics, such as ENIs that belong to the same organization or have the same purpose.

Tags help you easily retrieve and manage resources and enable fine-grained management. For more information about how to use tags, supported resources, and limits, see Tags and Tag limits.

Procedure

  1. Go to ECS console - Elastic Network Interfaces.

  2. In the top navigation bar, select the region and resource group of the resource that you want to manage. Region

  3. Find the target ENI. In the Tag column, hover the pointer over the image icon and perform one of the following operations.

    • If no tags are attached to the Elastic Network Interface (ENI), click will be bound to instances. Are you sure that you want to perform this operation?.

    • If the ENI has tags, click Modify.

  4. In the Edit Tags dialog box, select an existing tag or enter a new tag key and tag value. Then, click OK.

Delete an ENI

If you no longer need an ENI, you can detach and then delete it to release its resources.

Prerequisites

  • The ENI must be in the Available state.

    A primary ENI cannot be detached from an instance. It is released when the instance is released.

  • If a secondary ENI is attached to an ECS instance, you must detach it first. For more information, see Detach an ENI.

Notes

  • If you enable the Release with Instance feature for an ENI and the ENI is not detached from the instance, the ENI is deleted when the instance is released.

  • When you delete an ENI, all its private IP addresses are automatically released, and the ENI is automatically removed from all security groups to which it belongs.

  • The elastic IP addresses (EIPs) associated with an ENI are not released when the ENI is deleted. If you no longer need the EIPs, you must release them separately. You are no longer charged for an EIP after it is released. For more information, see Release a pay-as-you-go EIP.

Procedure

Delete in the console

  1. Go to ECS console - Elastic Network Interfaces.

  2. In the top navigation bar, select the region and resource group of the resource that you want to manage. Region

  3. Find the target ENI that is in the Available state. In the Actions column, choose 更多 > Delete.

  4. In the dialog box that appears, click OK.

    Refresh the list. If the ENI no longer appears in the list, it is deleted.

API deletion

You can call the DeleteNetworkInterface operation to delete an ENI. Specify the NetworkInterfaceId of the ENI.

Previous:Retain an ENI on instance releaseNext:Managed ENIs