Deploy OpenClaw on ECS with DingTalk Integration
在ECS上部署OpenClaw并集成钉钉
Deploy OpenClaw AI agent platform on an Alibaba Cloud ECS instance with one click, configure Alibaba Cloud Bailian LLM, and connect to a DingTalk group via a DingTalk bot, enabling users to chat with AI directly in DingTalk.
Source: This Skill is based on Alibaba Cloud official documentation and OpenClaw open-source project documentation. See reference links at the end.
Version: This Skill is written for OpenClaw March 2026 release and the
@dingtalk-real-ai/dingtalk-connector
plugin, verified on 2026-03-11.
一键在阿里云ECS实例上部署OpenClaw AI agent平台,配置阿里云百炼(Bailian)大模型,通过钉钉机器人接入钉钉群,让用户可以直接在钉钉内与AI聊天。
来源:本Skill基于阿里云官方文档和OpenClaw开源项目文档编写,参考链接见文末。
版本:本Skill针对OpenClaw 2026年3月版本和
@dingtalk-real-ai/dingtalk-connector
插件编写,于2026-03-11完成验证。
Before execution, prompt the user to provide all required parameters in a single message. Do not proceed until all required parameters are received and confirmed.
执行前,请提示用户在单条消息中提供所有必填参数。在收到并确认所有必填参数前,请勿继续操作。
Validate all user inputs before use to prevent command injection. Reject inputs containing shell special characters (
,
,
,
,
,
,
, backticks, parentheses, brackets, newlines). Parameters must match expected formats:
- : , , etc.
- :
vpc_id/vswitch_id/security_group_id
:
- :
- : 16-64 alphanumeric chars
When passing parameters to Cloud Assistant
, use base64 encoding for sensitive values.
使用前请校验所有用户输入,防止命令注入。拒绝包含shell特殊字符(
、
、
、
、
、
、
、反引号、括号、方括号、换行符)的输入。参数必须符合预期格式:
- :、、等
- :
vpc_id/vswitch_id/security_group_id
:
- :
- :16-64位字母数字组合
向云助手
传递参数时,敏感值请使用base64编码。
ECS Instance Parameters
ECS实例参数
| Parameter | Required | Description | Example |
|---|
| Yes | Deployment region | |
| No | ECS instance type (default: , 2 vCPU 4 GB) | |
| No | OS image (default: Ubuntu 22.04) | Auto-selected |
| No | Existing VPC ID (auto-created if not provided) | |
| No | Existing VSwitch ID (auto-created if not provided) | |
| No | Existing Security Group ID (auto-created if not provided) | |
| 参数 | 是否必填 | 描述 | 示例 |
|---|
| 是 | 部署区域 | |
| 否 | ECS实例规格(默认:,2 vCPU 4 GB) | |
| 否 | 操作系统镜像(默认:Ubuntu 22.04) | 自动选择 |
| 否 | 已有VPC ID(未提供则自动创建) | |
| 否 | 已有VSwitch ID(未提供则自动创建) | |
| 否 | 已有安全组ID(未提供则自动创建) | |
OpenClaw and Bailian Parameters
OpenClaw与百炼参数
The Bailian API Key (
) is
automatically obtained via CLI during deployment (see Step 2). No manual console operation is needed. The Skill uses
commands (ListWorkspaces + ListApiKeys/CreateApiKey) to retrieve or create an API Key programmatically.
Prerequisites: The user's Alibaba Cloud account must have the Bailian (Model Studio) service activated. If not activated, guide the user to visit
Bailian Console to activate it first.
百炼API Key(
)会在部署过程中
通过CLI自动获取(见步骤2),无需手动在控制台操作。本Skill使用
命令(ListWorkspaces + ListApiKeys/CreateApiKey)以编程方式检索或创建API Key。
前提条件:用户的阿里云账号必须已开通百炼(Model Studio)服务。如果未开通,引导用户先访问
百炼控制台开通服务。
DingTalk Integration Parameters
钉钉集成参数
| Parameter | Required | Description | Example |
|---|
| Yes | DingTalk app Client ID | |
| Yes | DingTalk app Client Secret | |
If the user has not created a DingTalk app, guide them to refer to the DingTalk App Setup Guide to create an app, configure the bot, add permissions, publish the app, and obtain credentials.
| 参数 | 是否必填 | 描述 | 示例 |
|---|
| 是 | 钉钉应用Client ID | |
| 是 | 钉钉应用Client Secret | |
如果用户还未创建钉钉应用,引导用户参考钉钉应用配置指南创建应用、配置机器人、添加权限、发布应用并获取凭证。
Execution Constraints
执行约束
- Sensitive information masking: Mask middle portion of passwords, keys, tokens, IPs, instance IDs (e.g., , )
- Input validation: Reject shell special characters (, , , , backticks, etc.). Use parameterized API calls
- Command injection prevention: Encode sensitive values for Cloud Assistant RunCommand using base64
- Network timeout: All curl/wget operations must include and parameters
- Execute steps in order; verify success after each step; inform user of current step
- If any step fails, ask user for confirmation before continuing
- Cloud Assistant results: poll every 15+ seconds
- Destructive operations: Confirm with user and verify resource state before deletion
- 敏感信息脱敏:对密码、密钥、令牌、IP、实例ID的中间部分进行脱敏(例如、)
- 输入校验:拒绝包含shell特殊字符(、、、、反引号等)的输入,使用参数化API调用
- 命令注入防护:云助手RunCommand的敏感值使用base64编码
- 网络超时:所有curl/wget操作必须包含和参数
- 按顺序执行步骤,每步完成后验证成功,告知用户当前执行步骤
- 若任何步骤失败,继续前需征求用户确认
- 云助手结果:每15秒以上轮询一次
- 破坏性操作:删除资源前需与用户确认并验证资源状态
Step 1: Create ECS Instance
步骤1:创建ECS实例
1.1 Verify Alibaba Cloud Account
1.1 验证阿里云账号
bash
aliyun sts GetCallerIdentity \
--user-agent AlibabaCloud-Agent-Skills
bash
aliyun sts GetCallerIdentity \
--user-agent AlibabaCloud-Agent-Skills
1.2 Check Zone Availability
1.2 检查可用区库存
Query which availability zones have stock for the target instance type to avoid creating resources in an unavailable zone:
bash
aliyun ecs DescribeAvailableResource \
--RegionId ${region} \
--DestinationResource InstanceType \
--InstanceChargeType PostPaid \
--InstanceType ${instance_type} \
--user-agent AlibabaCloud-Agent-Skills
Select a zone where
is
from the result, record as
.
查询目标实例规格在哪些可用区有库存,避免在不可用区域创建资源:
bash
aliyun ecs DescribeAvailableResource \
--RegionId ${region} \
--DestinationResource InstanceType \
--InstanceChargeType PostPaid \
--InstanceType ${instance_type} \
--user-agent AlibabaCloud-Agent-Skills
1.3 Create VPC and VSwitch (if not provided by user)
1.3 创建VPC和VSwitch(若用户未提供)
aliyun vpc CreateVpc
--RegionId ${region}
--VpcName openclaw-vpc
--CidrBlock 172.16.0.0/16
--user-agent AlibabaCloud-Agent-Skills
aliyun vpc CreateVpc
--RegionId ${region}
--VpcName openclaw-vpc
--CidrBlock 172.16.0.0/16
--user-agent AlibabaCloud-Agent-Skills
Create VSwitch (use the zone with stock found in the previous step)
创建VSwitch(使用上一步查到的有库存的可用区)
aliyun vpc CreateVSwitch
--RegionId ${region}
--VpcId ${vpc_id}
--VSwitchName openclaw-vswitch
--CidrBlock 172.16.0.0/24
--ZoneId ${zone_id}
--user-agent AlibabaCloud-Agent-Skills
aliyun vpc CreateVSwitch
--RegionId ${region}
--VpcId ${vpc_id}
--VSwitchName openclaw-vswitch
--CidrBlock 172.16.0.0/24
--ZoneId ${zone_id}
--user-agent AlibabaCloud-Agent-Skills
1.4 Create Security Group and Configure Rules
1.4 创建安全组并配置规则
Create security group
创建安全组
aliyun ecs CreateSecurityGroup
--RegionId ${region}
--VpcId ${vpc_id}
--SecurityGroupName openclaw-sg
--Description "Security group for OpenClaw"
--user-agent AlibabaCloud-Agent-Skills
aliyun ecs CreateSecurityGroup
--RegionId ${region}
--VpcId ${vpc_id}
--SecurityGroupName openclaw-sg
--Description "Security group for OpenClaw"
--user-agent AlibabaCloud-Agent-Skills
Allow SSH (port 22)
放行SSH(22端口)
aliyun ecs AuthorizeSecurityGroup
--RegionId ${region}
--SecurityGroupId ${security_group_id}
--IpProtocol tcp
--PortRange 22/22
--SourceCidrIp 0.0.0.0/0
--user-agent AlibabaCloud-Agent-Skills
aliyun ecs AuthorizeSecurityGroup
--RegionId ${region}
--SecurityGroupId ${security_group_id}
--IpProtocol tcp
--PortRange 22/22
--SourceCidrIp 0.0.0.0/0
--user-agent AlibabaCloud-Agent-Skills
Allow HTTP (port 80) and HTTPS (port 443)
放行HTTP(80端口)和HTTPS(443端口)
aliyun ecs AuthorizeSecurityGroup
--RegionId ${region}
--SecurityGroupId ${security_group_id}
--IpProtocol tcp
--PortRange 80/80
--SourceCidrIp 0.0.0.0/0
--user-agent AlibabaCloud-Agent-Skills
aliyun ecs AuthorizeSecurityGroup
--RegionId ${region}
--SecurityGroupId ${security_group_id}
--IpProtocol tcp
--PortRange 443/443
--SourceCidrIp 0.0.0.0/0
--user-agent AlibabaCloud-Agent-Skills
aliyun ecs AuthorizeSecurityGroup
--RegionId ${region}
--SecurityGroupId ${security_group_id}
--IpProtocol tcp
--PortRange 80/80
--SourceCidrIp 0.0.0.0/0
--user-agent AlibabaCloud-Agent-Skills
aliyun ecs AuthorizeSecurityGroup
--RegionId ${region}
--SecurityGroupId ${security_group_id}
--IpProtocol tcp
--PortRange 443/443
--SourceCidrIp 0.0.0.0/0
--user-agent AlibabaCloud-Agent-Skills
1.5 Create ECS Instance
1.5 创建ECS实例
First, query the latest Ubuntu 22.04 system image ID in the target region:
bash
aliyun ecs DescribeImages \
--RegionId ${region} \
--OSType linux \
--ImageOwnerAlias system \
--ImageName "ubuntu_22_04*" \
--Status Available \
--PageSize 1 \
--user-agent AlibabaCloud-Agent-Skills
Get the latest
from the result, then create the instance (note:
do not set ; public network access will be configured via EIP later):
bash
aliyun ecs RunInstances \
--RegionId ${region} \
--InstanceType ${instance_type} \
--ImageId ${image_id} \
--SecurityGroupId ${security_group_id} \
--VSwitchId ${vswitch_id} \
--SystemDisk.Category cloud_essd \
--SystemDisk.Size 40 \
--InstanceChargeType PostPaid \
--InstanceName openclaw-server \
--Amount 1 \
--user-agent AlibabaCloud-Agent-Skills
首先查询目标区域最新的Ubuntu 22.04系统镜像ID:
bash
aliyun ecs DescribeImages \
--RegionId ${region} \
--OSType linux \
--ImageOwnerAlias system \
--ImageName "ubuntu_22_04*" \
--Status Available \
--PageSize 1 \
--user-agent AlibabaCloud-Agent-Skills
从结果中获取最新的
,然后创建实例(注意:
不要设置,后续将通过EIP配置公网访问):
bash
aliyun ecs RunInstances \
--RegionId ${region} \
--InstanceType ${instance_type} \
--ImageId ${image_id} \
--SecurityGroupId ${security_group_id} \
--VSwitchId ${vswitch_id} \
--SystemDisk.Category cloud_essd \
--SystemDisk.Size 40 \
--InstanceChargeType PostPaid \
--InstanceName openclaw-server \
--Amount 1 \
--user-agent AlibabaCloud-Agent-Skills
1.6 Configure Public Network Access (EIP)
1.6 配置公网访问(EIP)
Create an Elastic IP Address and bind it to the ECS instance with 100 Mbps bandwidth (OpenClaw installation requires downloading many npm packages):
创建弹性公网IP并绑定到ECS实例,带宽配置为100 Mbps(OpenClaw安装需要下载大量npm包):
Create EIP (100 Mbps bandwidth)
创建EIP(100 Mbps带宽)
aliyun vpc AllocateEipAddress
--RegionId ${region}
--Bandwidth 100
--InternetChargeType PayByTraffic
--user-agent AlibabaCloud-Agent-Skills
aliyun vpc AllocateEipAddress
--RegionId ${region}
--Bandwidth 100
--InternetChargeType PayByTraffic
--user-agent AlibabaCloud-Agent-Skills
Bind EIP to ECS instance
将EIP绑定到ECS实例
aliyun vpc AssociateEipAddress
--RegionId ${region}
--AllocationId ${eip_allocation_id}
--InstanceId ${instance_id}
--InstanceType EcsInstance
--user-agent AlibabaCloud-Agent-Skills
Record the EIP address for subsequent SSH connections and Cloud Assistant command execution.
aliyun vpc AssociateEipAddress
--RegionId ${region}
--AllocationId ${eip_allocation_id}
--InstanceId ${instance_id}
--InstanceType EcsInstance
--user-agent AlibabaCloud-Agent-Skills
记录EIP地址,用于后续SSH连接和云助手命令执行。
1.7 Start Instance and Wait for Running State
1.7 启动实例并等待运行状态
aliyun ecs StartInstance
--InstanceId ${instance_id}
--user-agent AlibabaCloud-Agent-Skills
aliyun ecs StartInstance
--InstanceId ${instance_id}
--user-agent AlibabaCloud-Agent-Skills
Query instance status, confirm it is Running
查询实例状态,确认已处于Running状态
aliyun ecs DescribeInstances
--RegionId ${region}
--InstanceIds '["${instance_id}"]'
--user-agent AlibabaCloud-Agent-Skills
aliyun ecs DescribeInstances
--RegionId ${region}
--InstanceIds '["${instance_id}"]'
--user-agent AlibabaCloud-Agent-Skills
Step 2: Obtain Bailian API Key via CLI
步骤2:通过CLI获取百炼API Key
Use the
CLI plugin to automatically retrieve or create a Bailian API Key, eliminating the need for manual console operations.
使用
CLI插件自动检索或创建百炼API Key,无需手动在控制台操作。
2.1 Install the MaaS CLI Plugin
2.1 安装MaaS CLI插件
The
commands require the
plugin:
bash
aliyun plugin install --names aliyun-cli-maas \
--user-agent AlibabaCloud-Agent-Skills
bash
aliyun plugin install --names aliyun-cli-maas \
--user-agent AlibabaCloud-Agent-Skills
2.2 List Workspaces (must run first)
2.2 列出工作空间(必须先执行)
is a required parameter for ListApiKeys and CreateApiKey, so you must obtain it via ListWorkspaces first. Every Alibaba Cloud account with Bailian activated has a default workspace:
bash
aliyun maas list-workspaces \
--region ${region} \
--user-agent AlibabaCloud-Agent-Skills
Record the
from the result as
. If the result is empty (no workspaces), the user has not activated the Bailian service yet — guide them to activate it at the
Bailian Console.
是ListApiKeys和CreateApiKey的必填参数,因此必须先通过ListWorkspaces获取。每个开通了百炼服务的阿里云账号都有一个默认工作空间:
bash
aliyun maas list-workspaces \
--region ${region} \
--user-agent AlibabaCloud-Agent-Skills
将结果中的
记录为
。如果结果为空(无工作空间),说明用户尚未开通百炼服务——引导用户到
百炼控制台开通服务。
2.3 List Existing API Keys (requires workspace_id)
2.3 列出现有API Key(需要workspace_id)
Use the
obtained in the previous step to query existing API Keys in that workspace:
bash
aliyun maas list-api-keys \
--workspace-id ${workspace_id} \
--region ${region} \
--user-agent AlibabaCloud-Agent-Skills
If an existing API Key is found, record its
(in
format) as
and skip step 2.4.
使用上一步获取的
查询该工作空间下的现有API Key:
bash
aliyun maas list-api-keys \
--workspace-id ${workspace_id} \
--region ${region} \
--user-agent AlibabaCloud-Agent-Skills
如果找到现有API Key,将其
(
格式)记录为
,跳过步骤2.4。
2.4 Create API Key (only if 2.3 returns no results)
2.4 创建API Key(仅当2.3无返回结果时执行)
Only when no API Key was found in the previous step, create a new one using the same
:
bash
aliyun maas create-api-key \
--workspace-id ${workspace_id} \
--description "OpenClaw deployment API Key" \
--region ${region} \
--user-agent AlibabaCloud-Agent-Skills
Record the
(in
format) from the response as
.
Important: The full API Key value is only visible at creation time. Subsequent queries will only return a masked value. Make sure to record the complete key in this step.
仅当上一步未找到API Key时,使用相同的
创建新的API Key:
bash
aliyun maas create-api-key \
--workspace-id ${workspace_id} \
--description "OpenClaw deployment API Key" \
--region ${region} \
--user-agent AlibabaCloud-Agent-Skills
重要:完整的API Key值仅在创建时可见,后续查询仅返回脱敏值,请务必在本步骤记录完整密钥。
Step 3: Install Base Environment via Cloud Assistant
步骤3:通过云助手安装基础环境
Use Alibaba Cloud Cloud Assistant to remotely execute commands on the ECS instance without manual SSH connection.
Combine Git installation, Node.js 22.x installation, and npm China mirror configuration into a single command to reduce waiting time:
bash
aliyun ecs RunCommand \
--RegionId ${region} \
--Type RunShellScript \
--CommandContent "apt-get update -y && apt-get install -y git curl wget && curl -fsSL --connect-timeout 30 --max-time 300 https://deb.nodesource.com/setup_22.x | bash - && apt-get install -y nodejs && npm config set registry https://registry.npmmirror.com && node -v && npm -v" \
--InstanceId.1 ${instance_id} \
--Timeout 600 \
--user-agent AlibabaCloud-Agent-Skills
Use
to query the command execution result and confirm success:
bash
aliyun ecs DescribeInvocations \
--RegionId ${region} \
--InvokeId ${invoke_id} \
--user-agent AlibabaCloud-Agent-Skills
Confirm Node.js version is v22.x.x in the output.
Polling tip: This command typically takes 2-5 minutes to complete. When querying
, poll every 15-30 seconds to avoid excessive polling. The command is finished when
changes from
to
or
.
使用阿里云云助手在ECS实例上远程执行命令,无需手动SSH连接。
将Git安装、Node.js 22.x安装、npm中国镜像配置合并为一条命令,减少等待时间:
bash
aliyun ecs RunCommand \
--RegionId ${region} \
--Type RunShellScript \
--CommandContent "apt-get update -y && apt-get install -y git curl wget && curl -fsSL --connect-timeout 30 --max-time 300 https://deb.nodesource.com/setup_22.x | bash - && apt-get install -y nodejs && npm config set registry https://registry.npmmirror.com && node -v && npm -v" \
--InstanceId.1 ${instance_id} \
--Timeout 600 \
--user-agent AlibabaCloud-Agent-Skills
bash
aliyun ecs DescribeInvocations \
--RegionId ${region} \
--InvokeId ${invoke_id} \
--user-agent AlibabaCloud-Agent-Skills
确认输出中的Node.js版本为v22.x.x。
轮询提示:该命令通常需要2-5分钟完成。查询
时,每15-30秒轮询一次避免过度请求。当
从
变为
或
时,命令执行完成。
Step 4: One-Click OpenClaw Installation
步骤4:一键安装OpenClaw
Use the installation script to complete OpenClaw setup, Bailian API configuration, and DingTalk plugin installation.
Security: Sensitive parameters are passed via base64 encoding to prevent command injection.
使用安装脚本完成OpenClaw搭建、百炼API配置和钉钉插件安装。
安全提示:敏感参数通过base64编码传递,防止命令注入。
Encode sensitive parameters
编码敏感参数
BAILIAN_KEY_B64=$(echo -n "${bailian_api_key}" | base64)
DINGTALK_ID_B64=$(echo -n "${dingtalk_client_id}" | base64)
DINGTALK_SECRET_B64=$(echo -n "${dingtalk_client_secret}" | base64)
aliyun ecs RunCommand
--RegionId ${region}
--Type RunShellScript
--CommandContent "curl -fsSL --connect-timeout 30 --max-time 300
https://openclaw-install-scripts.oss-cn-hangzhou.aliyuncs.com/install.sh -o /tmp/openclaw-install.sh && BAILIAN_API_KEY=$(echo '${BAILIAN_KEY_B64}' | base64 -d) DINGTALK_CLIENT_ID=$(echo '${DINGTALK_ID_B64}' | base64 -d) DINGTALK_CLIENT_SECRET=$(echo '${DINGTALK_SECRET_B64}' | base64 -d) bash /tmp/openclaw-install.sh --api-key "$BAILIAN_API_KEY" --api-region '${region}' --dingtalk-client-id "$DINGTALK_CLIENT_ID" --dingtalk-client-secret "$DINGTALK_CLIENT_SECRET""
--InstanceId.1 ${instance_id}
--Timeout 600
--user-agent AlibabaCloud-Agent-Skills
The script auto-completes: OpenClaw npm install, Bailian API config, DingTalk plugin install, gateway startup. Query `DescribeInvocations` to confirm `Gateway started` (poll every 30s, 3-8 min).
---
BAILIAN_KEY_B64=$(echo -n "${bailian_api_key}" | base64)
DINGTALK_ID_B64=$(echo -n "${dingtalk_client_id}" | base64)
DINGTALK_SECRET_B64=$(echo -n "${dingtalk_client_secret}" | base64)
aliyun ecs RunCommand
--RegionId ${region}
--Type RunShellScript
--CommandContent "curl -fsSL --connect-timeout 30 --max-time 300
https://openclaw-install-scripts.oss-cn-hangzhou.aliyuncs.com/install.sh -o /tmp/openclaw-install.sh && BAILIAN_API_KEY=$(echo '${BAILIAN_KEY_B64}' | base64 -d) DINGTALK_CLIENT_ID=$(echo '${DINGTALK_ID_B64}' | base64 -d) DINGTALK_CLIENT_SECRET=$(echo '${DINGTALK_SECRET_B64}' | base64 -d) bash /tmp/openclaw-install.sh --api-key "$BAILIAN_API_KEY" --api-region '${region}' --dingtalk-client-id "$DINGTALK_CLIENT_ID" --dingtalk-client-secret "$DINGTALK_CLIENT_SECRET""
--InstanceId.1 ${instance_id}
--Timeout 600
--user-agent AlibabaCloud-Agent-Skills
脚本会自动完成:OpenClaw npm安装、百炼API配置、钉钉插件安装、网关启动。查询`DescribeInvocations`确认出现`Gateway started`(每30秒轮询一次,耗时3-8分钟)。
---
Step 5: Acceptance Testing
步骤5:验收测试
5.1 Verify Gateway Status
5.1 验证网关状态
bash
aliyun ecs RunCommand \
--RegionId ${region} \
--Type RunShellScript \
--CommandContent "openclaw gateway status" \
--InstanceId.1 ${instance_id} \
--Timeout 60 \
--user-agent AlibabaCloud-Agent-Skills
Confirm the gateway status is
and the DingTalk channel plugin is loaded.
bash
aliyun ecs RunCommand \
--RegionId ${region} \
--Type RunShellScript \
--CommandContent "openclaw gateway status" \
--InstanceId.1 ${instance_id} \
--Timeout 60 \
--user-agent AlibabaCloud-Agent-Skills
5.2 Test in DingTalk
5.2 钉钉端测试
Guide the user:
- Confirm they have completed app creation, permission configuration, publishing, and added the bot to a group per the DingTalk App Setup Guide
- In the DingTalk group where the bot was added, @mention the bot and send a message (e.g., "Hello, please introduce yourself")
- Wait for the bot to reply
Acceptance criteria: The bot replies normally in the DingTalk group with content generated by the Bailian LLM. This confirms successful deployment.
引导用户操作:
- 确认已按照钉钉应用配置指南完成应用创建、权限配置、发布,并将机器人添加到群中
- 在添加了机器人的钉钉群中@机器人并发送消息(例如:"你好,请介绍一下你自己")
- 等待机器人回复
验收标准:机器人在钉钉群中正常回复,内容由百炼大模型生成,说明部署成功。
5.3 Deployment Completion Report
5.3 部署完成报告
After confirming all components are running normally, provide the user with a deployment summary:
- ECS instance ID and EIP public IP
- OpenClaw version and service status
- Bailian model configuration (model name, API endpoint)
- DingTalk app name and bot status
- Cost information
确认所有组件正常运行后,向用户提供部署总结:
- ECS实例ID和EIP公网IP
- OpenClaw版本和服务状态
- 百炼模型配置(模型名称、API端点)
- 钉钉应用名称和机器人状态
- 成本信息
Warning: Resource deletion is irreversible. Always confirm with user before executing.
Before deletion, prompt user: "The following resources will be permanently deleted: ${instance_id}, ${eip_allocation_id}, ${security_group_id}, ${vswitch_id}, ${vpc_id}. This action is irreversible. Confirm with 'yes' to continue."
Only proceed after explicit "yes" confirmation.
删除前提示用户:"以下资源将被永久删除:${instance_id}, ${eip_allocation_id}, ${security_group_id}, ${vswitch_id}, ${vpc_id}。该操作不可逆,确认请回复'yes'继续。"
仅在收到明确的"yes"确认后再继续操作。
Delete in dependency order (instance → EIP → security group → VSwitch → VPC):
按依赖顺序删除(实例 → EIP → 安全组 → VSwitch → VPC):
1. Stop instance if running, then delete
1. 如果实例正在运行则先停止,再删除
aliyun ecs StopInstance --InstanceId ${instance_id} --user-agent AlibabaCloud-Agent-Skills
aliyun ecs StopInstance --InstanceId ${instance_id} --user-agent AlibabaCloud-Agent-Skills
Poll DescribeInstances until Status='Stopped'
轮询DescribeInstances直到Status='Stopped'
aliyun ecs DeleteInstance --InstanceId ${instance_id} --user-agent AlibabaCloud-Agent-Skills
aliyun ecs DeleteInstance --InstanceId ${instance_id} --user-agent AlibabaCloud-Agent-Skills
2. Release EIP (after confirming unassociated)
2. 释放EIP(确认已解绑后执行)
aliyun vpc ReleaseEipAddress --RegionId ${region} --AllocationId ${eip_allocation_id} --user-agent AlibabaCloud-Agent-Skills
aliyun vpc ReleaseEipAddress --RegionId ${region} --AllocationId ${eip_allocation_id} --user-agent AlibabaCloud-Agent-Skills
3. Delete security group (after confirming no instances)
3. 删除安全组(确认无关联实例后执行)
aliyun ecs DeleteSecurityGroup --RegionId ${region} --SecurityGroupId ${security_group_id} --user-agent AlibabaCloud-Agent-Skills
aliyun ecs DeleteSecurityGroup --RegionId ${region} --SecurityGroupId ${security_group_id} --user-agent AlibabaCloud-Agent-Skills
4. Delete VSwitch then VPC (after confirming empty)
4. 删除VSwitch再删除VPC(确认无关联资源后执行)
aliyun vpc DeleteVSwitch --VSwitchId ${vswitch_id} --user-agent AlibabaCloud-Agent-Skills
aliyun vpc DeleteVpc --VpcId ${vpc_id} --user-agent AlibabaCloud-Agent-Skills
aliyun vpc DeleteVSwitch --VSwitchId ${vswitch_id} --user-agent AlibabaCloud-Agent-Skills
aliyun vpc DeleteVpc --VpcId ${vpc_id} --user-agent AlibabaCloud-Agent-Skills
- ECS instance: 2 vCPU 4 GB (ecs.c6.large) pay-as-you-go, approximately 0.3-0.5 CNY/hour (subject to actual console pricing)
- EIP bandwidth: 100 Mbps pay-by-traffic
- Bailian model calls: New users have a free quota; charges apply per token usage after exceeding the quota
Note: The above costs are for reference only. Please refer to the actual pricing and bills shown in the Alibaba Cloud console.
- ECS实例:2 vCPU 4 GB(ecs.c6.large)按量付费,约0.3-0.5元/小时(以控制台实际定价为准)
- EIP带宽:100 Mbps按流量付费
- 百炼模型调用:新用户有免费额度,超出额度后按token使用量收费
注意:以上成本仅供参考,请以阿里云控制台显示的实际定价和账单为准。
Common Troubleshooting
常见问题排查
| Symptom | Possible Cause | Solution |
|---|
| DingTalk bot not responding | Gateway not running | Execute via Cloud Assistant to check status |
| Reply with "0 characters" empty message | Bailian model config lost | Check if in ~/.openclaw/openclaw.json
contains |
| 401 error | Gateway Token mismatch | Check if matches channels.dingtalk-connector.gatewayToken
|
| AI Card not displaying | Missing card permissions | Add and permissions in DingTalk Open Platform |
| npm install timeout | Network issue | Confirm npm China mirror is configured; confirm EIP bandwidth is sufficient |
| 现象 | 可能原因 | 解决方案 |
|---|
| 钉钉机器人无响应 | 网关未运行 | 通过云助手执行检查状态 |
| 回复"0字符"空消息 | 百炼模型配置丢失 | 检查~/.openclaw/openclaw.json
中的是否包含 |
| 401错误 | 网关Token不匹配 | 检查是否与channels.dingtalk-connector.gatewayToken
一致 |
| AI卡片不显示 | 缺少卡片权限 | 在钉钉开放平台添加和权限 |
| npm安装超时 | 网络问题 | 确认已配置npm中国镜像,确认EIP带宽充足 |