Alibaba Cloud
May 9, 2026
Alibaba Cloud Full Stack
84 min readAlibaba Cloud Full Stack (12): End-to-End — One Terraform Apply for Everything
The grand finale: codify everything from Parts 1-11 into Terraform modules. VPC, ECS, RDS, OSS, RAM, SLS, Function Compute — all provisioned with one terraform apply. Plus CI/CD with GitHub Actions and cost optimization.
May 8, 2026
Alibaba Cloud Full Stack
52 min readAlibaba Cloud Full Stack (11): PAI — The ML Platform
The complete ML platform on Alibaba Cloud: PAI-DSW for notebooks, PAI-DLC for distributed training, PAI-EAS for model serving, Designer for visual workflows, and Model Gallery. Train and deploy a custom model end-to-end.
May 7, 2026
Alibaba Cloud Full Stack
24 min readAlibaba Cloud Full Stack (10): Bailian and DashScope — The LLM Layer
The complete LLM toolkit on Alibaba Cloud: Qwen model family, DashScope API (OpenAI-compatible), Wanxiang image/video generation, Qwen TTS, async task patterns, and fine-tuning. Build a multi-modal AI pipeline.
May 6, 2026
Alibaba Cloud Full Stack
66 min readAlibaba Cloud Full Stack (9): OpenSearch and AI Search
From keyword search to AI-powered retrieval: OpenSearch service, vector search for RAG, LLM-powered query rewriting, and hybrid search. Build a product search engine combining vectors and keywords.
May 5, 2026
Alibaba Cloud Full Stack
68 min readAlibaba Cloud Full Stack (8): Serverless — Function Compute and EventBridge
Go serverless on Alibaba Cloud: Function Compute triggers, runtimes, cold starts, and pricing. EventBridge for event routing. API Gateway integration. Build an event-driven image processing pipeline.
May 4, 2026
Alibaba Cloud Full Stack
66 min readAlibaba Cloud Full Stack (7): SLS, CloudMonitor, and Observability
Build full-stack observability: SLS for log collection and querying, CloudMonitor for metrics and alerts, ARMS for distributed tracing. Set up a complete monitoring stack for a production web application.
May 3, 2026
Alibaba Cloud Full Stack
58 min readAlibaba Cloud Full Stack (6): RAM, KMS, and Cloud Security
Lock down your cloud: RAM users, groups, roles, and policies. STS for temporary credentials. KMS for encryption. ActionTrail for audit logging. Build a secure multi-team access model with least privilege.
May 2, 2026
Alibaba Cloud Full Stack
64 min readAlibaba Cloud Full Stack (5): RDS and PolarDB — The Database Layer
RDS MySQL vs PolarDB: when to use which. Instance sizing, read replicas, proxy endpoints, backup/restore, monitoring, slow query analysis. Build a production database with HA and read scaling.
May 1, 2026
Alibaba Cloud Full Stack
58 min readAlibaba Cloud Full Stack (4): OSS — Object Storage Done Right
Master Alibaba Cloud OSS: bucket types, storage classes, access control (ACL, RAM, STS, signed URLs), lifecycle rules, cross-region replication, CDN integration, and custom domains. Build a complete media storage …
Apr 30, 2026
Alibaba Cloud Full Stack
52 min readAlibaba Cloud Full Stack (3): VPC, SLB, and the Network Layer
Build a production network from scratch: VPC architecture, CIDR planning, VSwitches across availability zones, security groups as stateful firewalls, SLB for load balancing, NAT Gateway for outbound traffic, and EIP for …
Apr 29, 2026
Alibaba Cloud Full Stack
52 min readAlibaba Cloud Full Stack (2): ECS — Compute That Actually Makes Sense
Everything you need to know about ECS: instance families (g8, c8, r8, GPU), pricing models, cloud-init automation, security groups, and key pairs. We deploy a production-ready app server from scratch.
Apr 28, 2026
Alibaba Cloud Full Stack
22 min readAlibaba Cloud Full Stack (1): The Ecosystem Map — What Alibaba Cloud Actually Is
A no-BS guide to Alibaba Cloud's product ecosystem. We map every major service to its AWS/Azure/GCP equivalent, set up an account from scratch, and deploy our first ECS instance — all in under an hour.
Mar 26, 2026
Terraform Agents
38 min readTerraform for AI Agents (8): End-to-End — research-agent-stack in One Apply
Stitching the seven modules into one repo, running terraform apply once, and watching a complete agent runtime — VPC, ECS, RDS, OpenSearch, OSS, LLM gateway, SLS observability, cost alarms — come up in seven minutes. …
Mar 24, 2026
Terraform Agents
36 min readTerraform for AI Agents (7): Observability, SLS Dashboards, and Cost Alarms
Logs to SLS, traces to ARMS, metrics to CloudMonitor — all provisioned in HCL so a new env comes pre-instrumented. The four alarms that actually catch real incidents and the SLS-driven cost dashboard that tells you which …
Mar 22, 2026
Terraform Agents
36 min readTerraform for AI Agents (6): LLM Gateway and Secrets Management
Centralise LLM API access through one gateway: per-agent quotas, request logging, and zero secrets outside KMS. Terraform-provisioned API Gateway plus self-hosted LiteLLM on ECS, with DashScope/OpenAI/Anthropic keys …
Mar 20, 2026
Terraform Agents
32 min readTerraform for AI Agents (5): Storage — Vector, Relational, and Object Memory
An agent has three kinds of memory and they map onto three Aliyun services: PolarDB/RDS for sessions, OpenSearch (vector edition) or pgvector for embeddings, OSS for artifacts. Real Terraform for each, plus the lifecycle …
Mar 18, 2026
Terraform Agents
32 min readTerraform for AI Agents (4): Compute — ECS, ACK, or Function Compute?
The three places an agent's main loop can live on Aliyun: a long-running ECS instance with pm2, a Kubernetes pod on ACK, or a Function Compute invocation. The cost-crossover model I use to pick between them, and a real …
Mar 16, 2026
Terraform Agents
30 min readTerraform for AI Agents (3): A Reusable VPC and Security Baseline
The first reusable module — a three-zone VPC with public/private subnets, NAT egress, security groups layered by tier, and KMS keys per data domain. The same code shows up in every agent stack I've shipped, parameterised …
Mar 14, 2026
Terraform Agents
30 min readTerraform for AI Agents (2): Provider, Auth, and Remote State on OSS
Pinning the alicloud provider, picking between AK/SK, AssumeRole, and ECS RAM role auth, putting tfstate on OSS with Tablestore locking, and the workspace pattern that keeps dev/staging/prod from stomping each other. …
Mar 12, 2026
Terraform Agents
26 min readTerraform for AI Agents (1): Why IaC Is the Only Sane Way to Ship Agents
Agent systems are a moving target — new tools, new memory stores, new regions every month. Manual console clicks don't survive the second teammate. This first article makes the case for Terraform on Alibaba Cloud, …