Migration Guide For Small And Medium Enterprises Alibaba Cloud’s Singapore Cn2 Instance Configuration Recommendations

1) evaluate the existing load: concurrent connections, daily requests, peak bandwidth (such as peak bandwidth 120mbps, average 20mbps).
2) determine business priorities: web page response, file download, api throughput, database consistency, etc.
3) quantification of network requirements: the one-way delay from the target country to singapore is <120ms, and the packet loss rate is <0.5%.
4) security and compliance points: data residency, encryption requirements, ddos protection level (normal/advanced).
5) cost budget: target monthly cost range (example: 500-2000 us dollars/month) and elastic expansion and contraction strategy.
6) list the migration window and rollback plan: expected downtime, rollback thresholds and verification points.

1) recommended link: choose an interconnection line with the "cn2 gia" or "cn2" label to improve the stability and latency from mainland china to singapore.
2) ecs specification recommendations: lightweight site ecs.c6.large (2vcpu/4gb), medium-sized service ecs.c6.xlarge (4vcpu/8gb), high-concurrency ecs.c6.2xlarge (8vcpu/16gb).
3) disk and io: system disk cloud disk ssd 40-100gb, business disk cloud disk ssd 100-500gb, target iops ≥ 3000 (depending on database requirements).
4) bandwidth configuration: it is recommended that the starting public network bandwidth is 5-20mbps, and the peak traffic is calculated based on concurrency and resources; example: 2000 concurrency requires 100mbps egress.
5) auto-scaling: set an automatic expansion strategy based on cpu>70% or qps>1000. the minimum number of instances is 1 and the maximum is 5.
6) backup plan: automatic snapshot daily/weekly, cross-region backup to domestic or other overseas regions.

1) dns service: use alibaba cloud resolution or third-party support for geodns. domestic users point to the domestic acceleration node, and overseas users point to the singapore node.
2) ttl policy: the ttl of static recording is set to 600 seconds, and the ttl of frequently switched records is set to 60 seconds.
3) note on domain name registration: if it is for users in mainland china, keep the domestic registration or cooperate with the overseas cn2+ domestic acceleration plan.
4) a/aaaa and cname strategy: the main site uses cname to connect to the load balancing or cdn. the api recommends using a records to directly connect to the back-end load balancing.
5) health check: dns records cooperate with health check and automatically switch to the backup node in case of back-end failure.
6) logging and monitoring: enable parsing logs and set alarms (parsing failure rate >1% alarm).

1) cdn purpose: static resource caching (css/js/images), distribution of hot content, and reduction of origin site bandwidth and latency.
2) caching rules: long-term caching of images/fonts (max-age 30 days), short caching of html and api or no caching and use of cache-control.
3) node selection: enable asia-first nodes and enable gzip/brotli compression and http/2.
4) cache breakdown protection: use mutex locks or hotspot cache warm-up strategies.
5) monitoring indicators: hit rate, return traffic, edge rtt, target hit rate >85%.
6) example comparison table (sample data):

1) protection products: basic package anti-ddos basic, it is recommended to upgrade to anti-ddos pro or premium (select protection qps/bandwidth as needed).
2) threshold setting: set the source site current limit and threshold (for example, the number of tcp connections >50k triggers speed limiting, and the traffic >1gbps triggers cleaning).
3) waf and rules: enable web application firewall (waf), configure common owasp rules and custom whitelist/blacklist.
4) network acl and security group: minimize open ports, only open 80/443/22 (ssh only ip).
5) log audit: enable access logs and protection logs and retain them for 90 days for traceability.
6) drills and alerts: conduct regular fault drills, and automatically alert and trigger emergency templates when ddos occurs.

1) database selection: for relational database, choose rds for mysql/polardb, for nosql database, choose redis instance or mongodb.
2) synchronization method: use dts remote migration service for full + incremental synchronization. example: initial full amount is 5gb, and incremental average is 200mb per day.
3) latency and consistency: it is recommended to use semi-synchronous or read-write separation for cross-border replication. read requests are given priority in singapore and domestic users use near-source caching.
4) storage io configuration: database disk iops≥5000, latency target <10ms.
5) backup strategy: rto <1 hour, rpo <15 minutes, enable logical/physical backup and cross-zone replication.
6) cost example: rds 2-core 8gb high-availability deployment ≈ 250-400 usd/month (including storage and io).

1) background: domestic medium-sized e-commerce companies are preparing to move their settlement and product graphics to singapore to target southeast asian users.
2) initial environment: domestic single-machine web (4vcpu/8gb), bandwidth 20mbps, peak delay for sea users ≈ 220ms.
3) migration configuration: the target uses ecs.c6.xlarge + cn2 link, cdn acceleration image, rds mysql 2 active and 1 standby, anti-ddos pro.
4) performance improvement: after migration, the average delay in southeast asia was reduced to 95ms, the page ttfb was reduced from 800ms to 280ms, and the cdn hit rate reached 88%.
5) cost comparison: after migration, the average monthly cost increased by about 30% but the conversion rate increased by 8%, and the roi was recovered within 3 months.
6) experience summary: conduct link testing (traceroute/icmp) in advance, gradually switch in the traffic window, and set rollback dns records.

1) indicator monitoring: cpu, memory, disk io, network traffic, response time, error rate, ddos alarm.
2) alarm threshold: cpu>80% for 5 minutes, response time>2s, error rate>1% triggers an alarm.
3) routine maintenance: snapshot strategy, certificate update, regular patching of system and dependent packages.
4) performance optimization: the application layer uses connection pooling, turns on keep-alive, nginx reverse proxy and gzip compression.
5) regular drills: conduct disaster recovery drills and traffic surge tests every quarter (such as pressure testing to 120% of peak qps).
6) documents and sops: develop detailed migration and emergency sops to ensure that the team can respond quickly when encountering network links or ddos.