Work with instance diagnostics


Instance diagnostics comprehensively analyzes your cloud service instances, including their configurations, status, billing, and security policies. After an analysis completes, you receive diagnostic results with actionable suggestions.

Supported instance types

You can diagnose the following types of instances:

  • Classic Load Balancer (CLB)

  • Application Load Balancer (ALB)

  • Network Load Balancer (NLB)

  • NAT Gateway

  • Elastic IP Address (EIP)

  • Global Accelerator (GA)

  • VPN Gateway

  • Virtual Border Router (VBR)

  • Transit router

Diagnose an instance

  1. Log on to the NIS console.

  2. In the left-side navigation pane, choose Self-diagnostics > Instance Diagnostics.

  3. On the Instance Diagnostics page, click Diagnose Instance.

    The first time you run a diagnosis, the system automatically creates the service-linked role AliyunServiceRoleForNis. For more information, see Service-linked Role.
  4. In the Instance Health Diagnostics dialog box, configure the following parameters and click Start.

    | Parameter | Description |
    | --- | --- |
    | Diagnosis type | The type of instance to diagnose. Valid values: CLB, ALB, NLB, NAT Gateway, Elastic IP Address, Global Accelerator, VPN, Virtual Border Router, or TransitRouter. |
    | Region | Select the region where the instance is deployed. |
    | Instance | Select the specific instance to diagnose. |

  5. In the Diagnostic Details panel, review the diagnosis progress, result statistics, and item-level details. If an anomaly is found, the panel displays: Some diagnostic items of the instance show anomalies. Resolve the issues at the earliest opportunity. To see all diagnostic items regardless of their status, select Show All Diagnostic Items in the Diagnostic Items section.

  6. (EIP instances only) To check for carrier-related connectivity issues, run an Internet diagnosis. The system checks Internet connectivity from carriers inside and outside the Chinese mainland to the target EIP. If an issue is found, the system provides possible causes and troubleshooting suggestions.

    1. In the Internet Diagnosis section of the Diagnostic Details panel, click Internet Diagnosis.

    2. In the dialog box that appears, select an Access Area and click OK.

Diagnostic items

The following table describes the main diagnostic items checked during a diagnosis.

| Diagnostic item | What it checks |
| --- | --- |
| Health check diagnosis | Health check status of listeners on SLB instances |
| Configuration diagnosis | Whether instance status and configurations are normal |
| Capacity limit diagnosis | Bandwidth limit excess, packet loss, connection count, query count, and bandwidth usage |
| Certificate diagnosis | Whether the instance certificate is valid |
| Security policy check | Basic DDoS protection status, Cloud Firewall interception, and security control penalties |
| Fee diagnosis | Overdue payment warnings and account status |
| Service access diagnosis | Connection count, handshake failure rate, bandwidth, and error code distribution during service access |
| Routing diagnosis | Route conflicts between network instances under a TransitRouter, and the match between VPC destination-based routes and TransitRouter destination-based routes |

For the full list of diagnostic items per instance type, see:

More operations

On the Instance Diagnostics page, you can also perform the following operations.

  • View a report: Find the target instance and click View Report in the Actions column. The diagnostic details appear in the Diagnostic Details panel.

  • Re-diagnose: Find the target instance and click Re-diagnose in the Actions column.

  • Delete records: Find the target instance, click Delete in the Actions column, and click OK in the dialog box.

FAQ

Does instance diagnosis support diagnosing the historical status of an instance?

No. Instance diagnosis checks data from the last 15 minutes only, so it reflects the current status of an instance, not a past state.

For example, if an EIP becomes unreachable at 09:00 and recovers at 09:30, running a diagnosis at 10:00 covers only the instance status from 09:45 to 10:00. The diagnosis cannot identify the cause of the earlier outage.

My CLB instance has health checks configured, but the diagnosis shows an abnormal status. Why?

Instance diagnosis checks the health of all listeners on a CLB instance. An abnormal result means either health checks are not configured on one or more listeners, or the health check status is currently abnormal.

For specific causes—such as a service not running on the listener port or an iptables rule blocking traffic on a backend server—use the further diagnosis feature to pinpoint the root cause.

The further diagnosis feature supports CLB backend servers running CentOS, Ubuntu, and Alibaba Cloud Linux only. It is not available for Windows or other operating systems.
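For backend servers where further diagnosis is not available, the two causes named above can be checked by hand. The script below is an added example, not part of the NIS product or its documentation. The function names and the sample `ss` and `iptables` text are constructed for illustration, and it goes slightly beyond the text by also flagging a service bound only to loopback.

```shell
#!/usr/bin/env bash
# Constructed sample input (not from the page): `ss -ltn` and `iptables -S INPUT` text.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      511    127.0.0.1:8080     0.0.0.0:*
LISTEN 0      511    [::]:443           [::]:*'
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j DROP'

# listen_state PORT SS_TEXT -> reachable | loopback-only | not-listening
listen_state() {
  printf '%s\n' "$2" | awk -v port="$1" '
    $1 == "LISTEN" {
      n = split($4, a, ":")                      # last piece is the port
      if (a[n] != port) next
      addr = substr($4, 1, length($4) - length(a[n]) - 1)
      if (addr ~ /^127\./ || addr == "[::1]") lo = 1; else any = 1
    }
    END { print (any ? "reachable" : (lo ? "loopback-only" : "not-listening")) }'
}

# input_verdict PORT RULES -> ACCEPT | DROP | REJECT
# First-match walk of the INPUT chain. Heuristic: a rule counts only if it names
# --dport PORT or has no match at all; port ranges and rules that depend on
# -s, -i or conntrack state still need a manual read.
input_verdict() {
  printf '%s\n' "$2" | awk -v port="$1" '
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" && !done {
      target = ""; dport = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-j") target = $(i + 1)
        else if ($i == "--dport") dport = $(i + 1)
      }
      bare = (dport == "" && $3 == "-j")         # "-A INPUT -j TARGET ..."
      if ((dport == port || bare) && target ~ /^(ACCEPT|DROP|REJECT)$/) { verdict = target; done = 1 }
    }
    END { print (done ? verdict : policy) }'
}

# diagnose_port PORT SS_TEXT RULES -> one-line finding for the listener port
diagnose_port() {
  state=$(listen_state "$1" "$2"); verdict=$(input_verdict "$1" "$3")
  if [ "$state" != "reachable" ]; then echo "port $1: service $state"
  elif [ "$verdict" != "ACCEPT" ]; then echo "port $1: iptables INPUT $verdict"
  else echo "port $1: ok"; fi
}

for p in 22 443 8080; do diagnose_port "$p" "$SAMPLE_SS" "$SAMPLE_RULES"; done
# Live use on a backend server (as root): diagnose_port 80 "$(ss -ltn)" "$(iptables -S INPUT)"
```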

What are the common scenarios for EIP instance diagnosis?

When an EIP attached to an ECS instance cannot be accessed from the Internet, diagnose the EIP to identify the cause. Common causes include:

  • The EIP entered a blackhole filtering status because its traffic reached the basic DDoS protection threshold.

  • The EIP was blocked by the security department due to violations.

  • The EIP's traffic reached the limit of its associated bandwidth plan, affecting normal traffic forwarding.