Worldwide public beta testing for Alibaba Cloud Serverless Kubernetes service began in August 2018. Testing areas opened in Hangzhou, Shanghai, and part of the west coast of the United States including Silicon Valley. Alibaba Cloud Serverless Kubernetes supports sites both in China and abroad as well as supports flexible scaling. Users can deploy Kubernetes container applications in seconds, with no capacity planning or node management required. This service is currently in beta testing for free.
Alibaba Cloud's Serverless Kubernetes service is intended to lower entry barriers for using container technology and simplify the operations and maintenance of container platforms. In this manner, users can focus on design and application development without having to worry about micromanaging the infrastructure of their applications — things like Kubernetes clusters and servers.
Based on Alibaba Cloud's elastic computing base architecture, the service fully leverages the security and flexibility of virtualized resources. It is compatible with the Kubernetes ecosystem and supports functions like Workload (Deployment, StatefulSet, Job, Pod), Service, Ingress, Volumes, Service Account, and HPA. It can also integrate fully with a container user's current application environment.
The service is easy to use, and you only pay for what you use. It is all-inclusive, securely isolated, expandable as needed, and interconnectable. In addition to these advantages, it also strengthens multidimensional technologies such as container scheduling, service discovery, service access, resource management, and sub-account support. For example, users can provide both Layer 4 service access through LoadBalancer Service and Layer 7 service access through Ingress.
Serverless Kubernetes integrates the high portability and agility of containers with the elastic scheduling and isolation provided by Alibaba Cloud's flexible computing for a wide scope of application. It can quickly and easily be deployed in scenarios as diverse as web applications, back-end services for mobile applications, multimedia processing, data processing, and continuous integration. It is particularly suitable for batch tasks and sudden-demand work.
Many users have actively provided feedback since the release of this product, and our team is continuously adding and upgrading features and optimizing the product experience. Many new features have already been released, such as Exec/Attach, service discovery, Ingress, Service Account, and sub-accounts. We will look at the following three features.
Service discovery is the foundational function of communication among services within a Kubernetes cluster. Whereas traditional service discovery relies on the cluster's internal DNS component, service discovery within Serverless Kubernetes is based on Alibaba Cloud DNS Private Zone, so users can easily discover services without having to install any components like Kube DNS.
Alibaba Cloud DNS PrivateZone is a private domain name resolution and management service based on the Alibaba Cloud Virtual Private Cloud (VPC) environment. Users can map private domain names to IP resource addresses in one or more customized VPCs while their private domain names remain inaccessible from other network environments.
For now, the service discovery feature only applies to the Intranet Service and Headless Service. After creating the service, you can access services within the cluster by long or short domain name from within the pod:
Long domain name:
svc.clusterId.svc.cluster.local ($clusterID is the ID of the serverless cluster)
Short domain name:
In a Kubernetes cluster, Ingress is a collection of rules that authorizes inbound access to the services of the cluster. You can use Ingress to configure an externally accessible URL, server load balancing, SSL, and name-based virtual hosts.
Within a Serverless Kubernetes cluster, you can use LoadBalancer Service to provide externally accessible Layer 4 services and Ingress to provide externally accessible Layer 7 services. Ingress is easy to use and does not require the installation of Ingress Controller.
In Serverless Kubernetes, the Service Account function is enabled by default, which means that the pod has permission to access apiserver by default. When a container is created, you can find three files in the directory /var/run/secrets/kubernetes.io/serviceaccount/: file namespace, token, and ca.crt. The last two are credentials for accessing the cluster through service account. Through service account, users can only access resources within the serverless clusters in the pod.
Alibaba Cloud project manager Yi Li put it this way.
"If administering a Kubernetes cluster is like driving a powerful sports car with manual transmission, then using Serverless Kubernetes is like riding in a self-driving car — you can just relax and enjoy the freedom of computing. Its advantage is that it strips away complex and time-consuming maintenance and operations work, automatically allocating low-level service resources, a work model more in line with our understanding of the future of cloud computing: users don't need to pay attention to operations like environment configuration, server administration, and maintenance upgrades--they can just focus on writing application logic."
Alibaba Cloud ECS - January 23, 2019
Alibaba Clouder - October 15, 2018
Xi Ning Wang - August 30, 2018
Alibaba Cloud Blockchain Service Team - December 26, 2018
Alibaba Container Service - February 12, 2019
Alibaba Cloud Blockchain Service Team - October 25, 2018
Alibaba Cloud Container Service for Kubernetes is a fully managed cloud container management service that supports native Kubernetes and integrates with other Alibaba Cloud products.Learn More
A secure image hosting platform providing containerized image lifecycle managementLearn More
A high-performance container manage service that provides containerized application lifecycle managementLearn More
More Posts by Alibaba Container Service