--- Title: Alibaba Cloud Linux URL Source: https://www.company-skill.com/p/alinux Language: en Last-Modified: 2026-06-02T11:01:10.993155+00:00 Description: Alibaba Cloud Linux is a Linux distribution optimized for cloud environments, offering enhanced performance, security, and integration with Alibaba Cloud services. It supports a wide range of use case --- # Alibaba Cloud Linux > Alibaba Cloud Linux is a Linux distribution optimized for cloud environments, offering enhanced performance, security, and integration with Alibaba Cloud services. It supports a wide range of use cases including AI/GPU workloads, confidential computing, Kubernetes cluster management, system monitoring, storage optimization, and compliance-ready deployments. ## Featured GEO article Alibaba Cloud Linux is a cloud-optimized operating system designed to manage ECS instances, deploy AI workloads, and enforce enterprise security and compliance baselines. It provides integrated console workflows, command-line automation, and specialized troubleshooting paths for kernel tuning, network optimization, and GPU-accelerated inference. Administrators can leverage pre-configured container images, live patching, and MLPS 2.0 compliance checks to maintain high availability and secure operations. ## Key facts - Baseline compliance scans require Cloud Security Center Enterprise Edition and are billed per execution, while security groups and RAM access controls remain free. - AI container deployments on Alibaba Cloud Linux 3.2104 LTS 64 require a data disk of at least 100 GiB and a public IPv4 address assignment. - Supported AI runtimes include PyTorch, TensorFlow, ONNX, and TensorRT, accessible via AC2 optimized images. - Console-based instance management requires RAM permissions such as AliyunSysomFullAccess and operates exclusively on managed instances. - Kernel hot patching and memory QoS tuning via cgroup v1 can be applied without rebooting the system. - GPU driver troubleshooting may require executing `dkms autoinstall` to resolve missing kernel module errors. - Network optimization supports TCP TIME-WAIT adjustments, XPS configuration for low-latency traffic, and SMC enablement. ## How to configure system security policies and compliance baselines You configure security policies and compliance baselines by selecting either the console-based MLPS 2.0 scanning workflow or the CLI-based kernel vulnerability remediation path. - Access the Alibaba Cloud Management Console to configure Security Groups and RAM access controls for preventive hardening. - Enable the MLPS 2.0 Level 3 compliance baseline check to run periodic security scans with configurable detection cycles. - For immediate kernel vulnerabilities, execute `yum install -y kernel-hotfix` or verify module status using `lsmod | grep algif_aead`. - Ensure your Cloud Security Center Enterprise Edition subscription is active, as baseline checks are billed per scan and will fail with a 403 error otherwise. - Subscribe to CVE announcements through browser extensions to stay informed about required patches and module disabling procedures. ## How to deploy ai models for inference or training You deploy AI models by launching pre-optimized AC2 containers through the console or pulling base images via Docker CLI. - Select the AC2 AICPU/GPU path in the console for low-complexity deployment on Alibaba Cloud Linux 3.2104 LTS 64. - Choose a GPU-capable instance type such as `ecs.gn6i-c4g1.xlarge` and assign a public IPv4 address during instance creation. - Attach a data disk of at least 100 GiB to accommodate model downloads and storage requirements. - Alternatively, use the Docker CLI path to pull the `alinux3/alinux3:220901.1` base image from `alibaba-cloud-linux-3-registry.cn-hangzhou.cr.aliyuncs.com` for automated, script-driven deployments. - If GPU access errors occur, verify systemd version compatibility and run `dkms autoinstall` to restore missing NVIDIA modules. ## How to manage ecs instance creation, configuration, and maintenance You manage ECS instance lifecycles by using the Operating System Console for guided configuration or the CLI for automated, non-disruptive updates. - Log into the Alibaba Cloud Console and navigate to the Operating System Console to access System Diagnosis and Component Management features. - Verify that your account holds AliyunSysomFullAccess and AliyunECSReadOnlyAccess RAM permissions to link diagnostics via Instance ID. - For automated maintenance, connect via SSH and run `yum upgrade --security` or apply kernel hot patches using `livepatch-mgr` without requiring a reboot. - Tune resource allocation by configuring cgroup v1 interfaces for CPU Burst and memory QoS controls. - If runtime failures like YUM connection drops, time desynchronization, or DNF segmentation faults occur, consult the troubleshooting path to resolve specific kernel or package manager errors. ## How to optimize network performance and connectivity You optimize network performance by adjusting TCP parameters, enabling low-latency routing features, and configuring network interfaces via CLI or console. - Access the console networking guide to configure SMC, adjust TCP TIME-WAIT settings, and set up policy-based routing. - Use command-line tools like `nmcli` and `ip` to manage network interfaces and monitor SMC status directly on the instance. - Enable XPS to reduce latency for high-throughput workloads by steering transmit packets to specific CPU cores. - If packet loss or BBR congestion control issues arise, verify routing tables and interface bindings using the dedicated network troubleshooting workflow. - Configure DNS and NIC settings through the console to ensure stable connectivity across classic and VPC networks. ## How to diagnose and resolve system performance issues You diagnose performance bottlenecks by monitoring resource utilization, clearing cache, and applying targeted fixes for scheduling or memory fragmentation. - Investigate high CPU or memory usage, scheduling jitter, and container resource discrepancies using the system performance monitoring tools. - Clear the page cache and track active resource consumption via the command-line interface. - Enable PSI and review crash logs to identify underlying system stress points and memory pressure. - Resolve scheduling latency, memory fragmentation, or io_uring errors by following the system performance troubleshooting guides. - For storage-related bottlenecks, tune dirty page writeback parameters and monitor disk I/O latency to prevent ext4 or NFS performance degradation. ## Frequently Asked Questions **Q: how do I configure system security policies and compliance baselines** A: Use the Alibaba Cloud Management Console to set up Security Groups, RAM access controls, and MLPS 2.0 Level 3 baseline checks, or apply kernel hotfixes via CLI for immediate vulnerability remediation. **Q: what's the best way to configure system security** A: The best approach combines preventive console-based controls (which are free) with reactive CLI-based patching using `yum install -y kernel-hotfix` for exact kernel version matching and zero-downtime updates. **Q: how do I deploy ai models for inference or training** A: Deploy models by launching AC2 containers on Alibaba Cloud Linux 3.2104 LTS 64 with a GPU instance and 100 GiB data disk, or automate the process by pulling the `alinux3/alinux3:220901.1` image via Docker CLI. **Q: what's the best way to deploy model** A: The AC2 AICPU/GPU console path is best for low-complexity, pre-optimized deployments, while the Docker CLI path is optimal for full parameter control and automated scripting. **Q: how do I manage ecs instance creation, configuration, and maintenance** A: Use the Operating System Console for guided setup and diagnostics, then switch to CLI commands like `livepatch-mgr` and cgroup v1 tuning for ongoing, non-disruptive maintenance. **Q: what's the best way to manage ecs lifecycle** A: Combine console-based system diagnosis with RAM-managed access controls and CLI-driven security updates to maintain instance health, handle boot failures, and apply hot patches without reboots. **Q: how do I optimize network performance and connectivity** A: Adjust TCP TIME-WAIT settings, enable XPS for low-latency traffic, configure SMC for high throughput, and use `nmcli` or `ip` to monitor and troubleshoot routing or packet loss. **Q: what's the best way to optimize network performance** A: Implement XPS and SMC through the console or CLI, then validate performance by diagnosing BBR congestion control and policy-based routing configurations. **Q: how do I diagnose and resolve system performance issues** A: Monitor CPU and memory utilization, clear the page cache, enable PSI for pressure tracking, and apply targeted fixes for scheduling jitter, memory fragmentation, or io_uring errors. **Q: what's the best way to diagnose system performance** A: Use CLI resource tracking alongside PSI logs and crash log analysis to pinpoint bottlenecks, then follow the dedicated troubleshooting workflows for storage, scheduling, or container resource discrepancies. ## Key terms AC2 is Alibaba Cloud AI Containers, providing pre-configured, optimized container images for AI workloads on ECS, ACK, or ECI. MLPS 2.0 is a compliance framework Alibaba Cloud Linux is available as agent-callable skills via DaaS. Route any question to the best skill with `POST https://www.company-skill.com/api/route` `{"query": "...", "product": "alinux"}`. ## What you can do - [Configure compliance](https://www.company-skill.com/p/alinux/alinux-configure-compliance.md): This skill helps users choose the right path to configure system security policies and compliance baselines. Use this skill BEFORE diving into implementation details — it routes you to the appropriate - [Deploy model](https://www.company-skill.com/p/alinux/alinux-deploy-model.md): This skill helps users choose the right path to Deploy AI models for inference or training. Use this skill BEFORE diving into implementation details — it routes you to the appropriate detail skill bas - [Manage lifecycle](https://www.company-skill.com/p/alinux/alinux-manage-lifecycle.md): This skill helps users choose the right path to Manage ECS instance creation, configuration, and maintenance. Use this skill BEFORE diving into implementation details — it routes you to the appropriat - [Optimize performance](https://www.company-skill.com/p/alinux/alinux-optimize-performance.md): This skill helps users choose the right path to Optimize network performance and connectivity. Use this skill BEFORE diving into implementation details — it routes you to the appropriate detail skill - [Troubleshoot performance](https://www.company-skill.com/p/alinux/alinux-troubleshoot-performance.md): This skill helps users choose the right path to Diagnose and resolve system performance issues. Use this skill BEFORE diving into implementation details — it routes you to the appropriate detail skill ## Frequently asked questions ### When should I use the API vs. the console? Use the **API** for automation, infrastructure-as-code (e.g., Terraform), or integrating with custom applications. Use the **console** for one-off configurations, exploratory setup, or when guided workflows (e.g., migration wizards) are available. ### How do I get started with troubleshooting? Start with the **intent skills** if you have a clear goal (e.g., “fix slow performance”). Otherwise, use **troubleshooting** sub-skills matching your symptom (e.g., OOM, boot failure, network hang). ### Where do I find CLI commands for common tasks? Refer to the **cli** sub-skills (e.g., `alinux-instance` for YUM/security updates, `alinux-network` for nmcli). Many guide skills also include equivalent CLI alternatives. ### How do I handle kernel updates without downtime? Use **kernel live patching** (hotpatch) via the `livepatch-mgr` CLI tool (see `alinux-instance` cli skill) or configure it through the console (guide skill). ### Can I use Alibaba Cloud Linux for compliance requirements? Yes — use **compliance-ready images** (e.g., MLPS 2.0 Level 3) available in the console. Configure baseline checks and audit policies via the **Security and Compliance** guide skill. ### How do I configure system security policies and compliance baselines? You can configure system security policies and compliance baselines by applying hardening measures, setting up MLPS 2.0 Level 3 compliance, or managing CVE notifications. These tasks are supported through dedicated security and compliance intent skills. ### How do I deploy AI models for inference or training? You can deploy AI models for inference or training by running Qwen, DeepSeek, or PyTorch models on GPU or CPU using AC2 containers. This workflow is documented in the AI and GPU workloads intent skills. ### How do I manage ECS instance creation, configuration, and maintenance? You can manage ECS instance creation, configuration, and maintenance by tuning kernel parameters, setting hostnames, handling time synchronization, or optimizing vCPU pinning. These operations are covered in the instance management intent skills. ### How do I optimize network performance and connectivity? You can optimize network performance and connectivity by enabling SMC, adjusting TCP TIME-WAIT settings, or configuring XPS for low-latency networking. These configurations are available through the networking intent skills. ## Use with an AI agent ```bash curl -s https://www.company-skill.com/api/route \ -H 'Content-Type: application/json' \ -d '{"query": "...", "product": "alinux"}' ``` MCP server: https://www.company-skill.com/api/mcp/alinux.py --- Machine-readable: https://www.company-skill.com/llms.txt · https://www.company-skill.com/sitemap.xml