why developers are flocking to alibaba cloud: a hands‑on deep dive, hard lessons, and a build‑ready tutorial

P
@pilput
8 months ago0views

what’s behind the shift: why developers are choosing alibaba cloud

for beginners, students, and early-career engineers, alibaba cloud offers a practical, affordable way to learn devops, ship full stack apps, and practice real-world coding workflows. it’s widely used across asia and increasingly globally, with a strong set of services comparable to aws, gcp, and azure—often with competitive pricing and generous free tiers.

  • cost-effective: ecs (elastic compute service) instances and object storage (oss) are budget-friendly for side projects and learning.
  • global reach: multiple regions, reliable bandwidth, and cdn options, useful for seo-focused projects targeting international traffic.
  • developer tooling: container registry (acr), container service for kubernetes (ack), serverless (function compute), and devops pipelines (cloudeffect/actiontrail integrations).
  • documentation & sdks: good language coverage: node.js, python, java, go—great for full stack learners.

what you’ll build: a deployable full stack app with ci/cd

we’ll build a simple node.js + express api with a static frontend, containerize it with docker, push to alibaba cloud container registry, and deploy to an ecs instance. we’ll add https and a minimal ci pipeline. this mirrors a real-world devops pipeline and is great practice for interviews.

prerequisites

  • alibaba cloud account with access to ecs and acr.
  • local: git, node.js 18+, docker, and ssh client.
  • basic linux familiarity (ubuntu/debian example used).
  • optional: your own domain for https (helps seo and professional polish).

architecture at a glance

  • frontend: static html/css/js served by nginx.
  • backend: node.js express api running in docker.
  • registry: alibaba cloud container registry (acr) for images.
  • compute: ecs ubuntu host using docker compose.
  • tls: let’s encrypt via nginx/certbot (optional but recommended).

step 1 — create an ecs instance

  1. in the alibaba cloud console, go to ecs > instances > create instance.
  2. select a region close to your users for faster response (good for seo user experience signals).
  3. choose a cost-effective instance (e.g., burstable t5 or g6).
  4. os: ubuntu 22.04 lts.
  5. networking: create a security group allowing ports 22 (ssh), 80 (http), 443 (https), and any custom api ports if needed.
  6. set or upload an ssh key pair (safer than passwords).

step 2 — install docker and docker compose on ecs

# ssh into your ecs instance
ssh -i ~/.ssh/your_key.pem root@your_ecs_public_ip

# update packages
apt-get update -y

# install docker
apt-get install -y ca-certificates curl gnupg lsb-release
install -m 0755 -d /etc/apt/keyrings
curl -fssl https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
  https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
  | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update -y
apt-get install -y docker-ce docker-ce-cli containerd.io

# enable and test
systemctl enable docker
systemctl start docker
docker --version

# install docker compose plugin
apt-get install -y docker-compose-plugin
docker compose version

step 3 — initialize a simple full stack app

create a project structure locally:

mkdir alicloud-fullstack
cd alicloud-fullstack

backend: node.js express api

mkdir api
cd api
npm init -y
npm install express cors
cat > index.js << 'eof'
const express = require('express');
const cors = require('cors');
const app = express();
app.use(cors());
app.get('/api/health', (req, res) => res.json({ ok: true, ts: date.now() }));
app.get('/api/hello', (req, res) => res.json({ message: 'hello from alibaba cloud!' }));
const port = process.env.port || 3000;
app.listen(port, () => console.log('api listening on ' + port));
eof

cat > dockerfile << 'eof'
from node:18-alpine
workdir /app
copy package*.json ./
run npm ci --omit=dev
copy . .
expose 3000
cmd ["node", "index.js"]
eof
cd ..

frontend: static site (seo-friendly)

mkdir web
cat > web/index.html << 'eof'



  
  alibaba cloud full stack demo
  
  
  
  


  
alibaba cloud full stack demo

  
this page calls our api hosted on ecs. great practice for devops and full stack skills.

  
  
click to ping...

  


eof

step 4 — compose services (nginx + api)

we’ll serve the frontend via nginx and reverse-proxy /api to the node.js container.

cat > nginx.conf << 'eof'
events {}
http {
  server {
    listen 80;
    server_name _;
    root /usr/share/nginx/html;
    index index.html;

    location /api/ {
      proxy_pass http://api:3000/;
      proxy_set_header host $host;
      proxy_set_header x-real-ip $remote_addr;
    }
  }
}
eof

cat > dockerfile.nginx << 'eof'
from nginx:alpine
copy nginx.conf /etc/nginx/nginx.conf
copy web/ /usr/share/nginx/html/
eof

cat > docker-compose.yml << 'eof'
services:
  api:
    build:
      context: ./api
    image: api:local
    restart: unless-stopped
  web:
    build:
      context: .
      dockerfile: dockerfile.nginx
    image: web:local
    depends_on:
      - api
    ports:
      - "80:80"
    restart: unless-stopped
eof

step 5 — set up alibaba cloud container registry (acr)

  1. open acr in console. create an instance (choose a region close to ecs).
  2. create a namespace (e.g., demo) and two repositories: demo/api and demo/web.
  3. from your local machine, log in and push images:
# replace region and registry endpoint accordingly
reg=registry.${your_region}.aliyuncs.com
ns=demo
docker login $reg -u your_acr_username -p your_acr_password

# build images
docker build -t $reg/$ns/api:1.0 ./api
docker build -t $reg/$ns/web:1.0 -f dockerfile.nginx .

# push
docker push $reg/$ns/api:1.0
docker push $reg/$ns/web:1.0

step 6 — deploy on ecs with compose (pull from acr)

# on ecs host, login to acr
docker login $reg -u your_acr_username -p your_acr_password

# create deployment directory
mkdir -p /opt/alicloud-app && cd /opt/alicloud-app

# production docker-compose.yml referencing acr images
cat > docker-compose.yml << 'eof'
services:
  api:
    image: registry/namespace/api:1.0
    restart: unless-stopped
  web:
    image: registry/namespace/web:1.0
    depends_on:
      - api
    ports:
      - "80:80"
    restart: unless-stopped
eof

# replace placeholders
sed -i "s|registry|$reg|g; s|namespace|$ns|g" docker-compose.yml

# start
docker compose up -d

# test
curl http://localhost/api/health

step 7 — add https (recommended for seo and security)

use a domain pointing to your ecs public ip. update dns a record. then:

# install certbot with nginx plugin (host-based approach)
apt-get install -y certbot

# if using containerized nginx, simplest path: switch to host nginx proxy for tls termination.
# stop web service temporarily
docker compose stop web

# install host nginx
apt-get install -y nginx
cat > /etc/nginx/sites-available/app.conf << 'eof'
server {
  listen 80;
  server_name your-domain;
  location / {
    proxy_pass http://127.0.0.1:8080;
  }
  location /api/ {
    proxy_pass http://127.0.0.1:3000/;
  }
}
eof
ln -s /etc/nginx/sites-available/app.conf /etc/nginx/sites-enabled/app.conf
nginx -t && systemctl restart nginx

# expose containers on 127.0.0.1 only
cat > docker-compose.yml << 'eof'
services:
  api:
    image: registry/namespace/api:1.0
    restart: unless-stopped
    ports:
      - "127.0.0.1:3000:3000"
  web:
    image: registry/namespace/web:1.0
    depends_on:
      - api
    ports:
      - "127.0.0.1:8080:80"
    restart: unless-stopped
eof
sed -i "s|registry|$reg|g; s|namespace|$ns|g" docker-compose.yml
docker compose up -d

# obtain tls cert
apt-get install -y certbot python3-certbot-nginx
certbot --nginx -d your-domain --redirect --agree-tos -m [email protected] -n

note: you can also manage certificates via alibaba cloud certificate manager and slb/alb if you move to load balancers later.

step 8 — quick ci with github actions

automate build and push to acr on git push to main:

# .github/workflows/deploy.yml
name: build and push to acr
on:
  push:
    branches: [ "main" ]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: set up docker buildx
        uses: docker/setup-buildx-action@v3

      - name: login to acr
        uses: docker/login-action@v3
        with:
          registry: ${{ vars.acr_registry }}
          username: ${{ secrets.acr_username }}
          password: ${{ secrets.acr_password }}

      - name: build and push api
        uses: docker/build-push-action@v6
        with:
          context: ./api
          push: true
          tags: ${{ vars.acr_registry }}/${{ vars.acr_namespace }}/api:${{ github.sha }}

      - name: build and push web
        uses: docker/build-push-action@v6
        with:
          context: .
          file: dockerfile.nginx
          push: true
          tags: ${{ vars.acr_registry }}/${{ vars.acr_namespace }}/web:${{ github.sha }}

on the ecs host, you can pull the latest tags and restart with zero downtime strategies (e.g., compose profiles or two services behind nginx). for a beginner-friendly step, manually update the tag in docker-compose.yml and run docker compose up -d.

common hard lessons and how to avoid them

  • security groups misconfigured: if the site isn’t loading, verify ports 80/443 open to 0.0.0.0/0 and ssh restricted to your ip.
  • region mismatch: keep ecs and acr in the same region to avoid egress fees and slow pulls.
  • out-of-disk on small ecs: use docker system prune, log rotation, or pick a slightly larger disk.
  • domain propagation delays: dns updates may take time. lower ttl before switching.
  • env variables: store secrets in actions secrets and ecs environment files; never hardcode in images.

performance and seo tips

  • compression and caching: enable gzip/brotli and set cache headers in nginx for static files.
  • image optimization: serve webp/avif where possible; reduces lcp for better core web vitals.
  • cdn: use alibaba cloud cdn in front of nginx for global speed.
  • monitoring: enable cloudmonitor and actiontrail; log api latency and error rates.
  • ci gates: run unit tests and eslint in your workflow to keep quality high.

next steps: scale and extend

  • managed kubernetes (ack): move containers to ack for rolling updates and autoscaling.
  • databases: add rds (mysql/postgresql) or polardb; configure vpc and security groups.
  • serverless: offload background tasks to function compute for cost efficiency.
  • observability: ship logs to log service (sls), set alerts, and trace with arms.

cheat sheet: quick commands

# build local images
docker compose build

# run locally
docker compose up -d
curl http://localhost/api/health

# tag and push to acr
docker tag api:local $reg/$ns/api:1.0 && docker push $reg/$ns/api:1.0
docker tag web:local $reg/$ns/web:1.0 && docker push $reg/$ns/web:1.0

# on ecs
docker compose pull && docker compose up -d

conclusion

alibaba cloud provides a practical, budget-conscious platform for learning and shipping modern full stack apps with a real devops toolchain. by containerizing your coding projects, using acr for images, and deploying on ecs or ack, you’ll build skills that translate across clouds—while delivering fast, secure experiences that help your project’s seo and user satisfaction.

Comments

Discussion

Share your thoughts and join the conversation

Loading comments...

Join the Discussion

Please log in to share your thoughts and engage with the community.

Log InSign Up