My Best Practices for Deploying a Web Application in Alibaba Cloud

  1. ECS instance of 2 vCPUs and 4GB RAM to install Nginx with PHP-FPM.
  2. ApsaraDB for RDS instance for MySQL with 1GB core, 1 GB RAM, and 10 GB storage.
  3. Direct Mail for sending emails.

Creating ECS Instance

Alibaba Cloud has documented nearly everything you will require to get started with the cloud platform. You can use the use the Getting Started Tutorials or the Tech Share Blog to learn how to start using the Alibaba Cloud. You can find the most obvious steps on the Quick Start Guide and let me walk you through the best practices to use when creating the ECS instance.

  1. Region: Since Alibaba cloud has data centers all around the globe, always choose the region which is geographically closer to the users of the application. As the data center is closer to the user, the website will load very fast due to low latency of the network. In my case, I chose Mumbai region as the organization was based in Mumbai itself.
  2. Billing Method: If you are planning to continuously run the instance 24*7, you should always choose monthly subscription as it will cut down the price by less than the half compared to Pay-As-You-Go type. For example, the monthly subscription cost of shared type ECS instance of 2 vCPUs and 4GB RAM is $23 USD but the same instance in Pay-As-You-Go costs $0.103 USD per Hour. Monthly cost becomes $0.103\*24\*30 = $74.16 USD.
  3. Instance Type: Choose the instance type according to your requirement. Resources can be increased later on demand.
  4. Image: You may find the application you wish to install on your ECS instance on Marketplace image but it is always recommended to install it yourself in a clean official image. Later if your application encounters some error, you will know where to look.
  5. Storage: System disks are deleted when the ECS instance is released. Use data disk when possible as your disk will be retained even after the instance is accidentally deleted.

Setting up ECS Instance

Once you have created your instance and logged into the terminal, there are few things I suggest you should consider before you set up your website.

  1. Rather than using the root account for executing the commands, set up a sudo user on first connection and always use the sudo user for running the commands. You can also set key based auth for the sudo user too and disable root login entirely.
  2. Always keep your base image updated. For example, you can use the following commands in Ubuntu Server.
  3. Alibaba base images do not have any extra package which is not required. Keep in mind that you also do not install any package which is not required.
  4. If things go bad during installation, you can always reset the instance by changing the system disk. You don’t need to delete the instance and recreate it.

Configuring Security Group Rules

It is very important to leave no unused port open in security group of the ECS instance. Have a look at the security group rules I used for the SuiteCRM instance.

Creating RDS Instance

The first question arises in mind before we create the RDS instance is why exactly we need it. We could also install any open source database server such as MySQL, MariaDB, PostgreSQL or MongoDB server on the ECS instance itself.

  1. Region: Always choose the same region to create the database instance where the ECS instance is created. Also, make sure that they both are in the same VPC. This will enable you to leverage the free intranet data transfer between the hosts in the same network. Another advantage is that you will need to whitelist only the private IP address of the ECS instance. This increases the security of the database to a great extent.
  2. Billing: Again, the cost of monthly subscription is less than that of Pay-As-You-Go method. Choose according to your needs.
  3. Capacity: You can start with a low-end configuration such as 1 Core, 1 GB instance, and 5 GB storage. Later on the requirement, you can increase the resources.
  4. Accounts: Never create the Master account for MySQL 5.6 instance unless required. You can create a database and a database user for each database.


As the internet is growing more and more websites are being added on daily basis. When Let’s Encrypt certificate authority started giving SSL certificates for free, it became a trend to use SSL on every website. For the purpose of security, it is very important to use SSL on a web application. If the data being exchanged is unencrypted, a person eavesdropping into the network may extract the confidential information.

Setting up Direct Mail

Setting up an email server by yourself should be avoided as to create an enterprise-grade web server requires expertise, time and the cost to maintain get very high. A slight misconfiguration leads the email directly into the spam folder.

Web-Based Installation

Finally, I had everything ready. The SuiteCRM application hosted on ECS. Database server hosted on ApsaraDB for RDS. I could easily go through the web-based installation to install the software.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alibaba Cloud

Alibaba Cloud


Follow me to keep abreast with the latest technology news, industry insights, and developer trends. Alibaba Cloud website: