By Yu Zhuang
With business growth, enterprises deploy and maintain multiple Kubernetes clusters to meet requirements for proximity deployment, isolation, capacity, and disaster recovery. For various reasons, these clusters may come from different service providers, such as different public cloud providers or private cluster providers. Although Kubernetes clusters are consistent with open-source standards, the O&M and security capabilities around clusters vary widely. Therefore, these Kubernetes clusters provided by different service providers or deployed in different locations bring great challenges to enterprises in regularly maintaining workflows, affecting the ease of use, stability, and security of Kubernetes clusters.
For enterprises with self-managed Kubernetes clusters, another challenge is the lack of IaaS resource elasticity in IDC, such as long server procurement time and tight GPU server supplies, which cannot meet rapid business growth demands and make it difficult to balance resource costs with fluctuating business demand.
To address these challenges, the ACK team introduced registered clusters in 2019. Over the years, registered clusters have been widely used across various industries and customers to empower Kubernetes clusters comprehensively. It provides a one-stop console experience, O&M capabilities, and cloud scalability, helping you efficiently manage Kubernetes clusters provided by different service providers or deployed in different locations.
Distributed Cloud Container Platform for Kubernetes (ACK One) registered clusters are a type of cluster offered by Alibaba Cloud Container Service for Kubernetes (ACK). You can connect Kubernetes clusters provided by different service providers or deployed in different locations to the ACK console through registered clusters of ACK One. This provides ACK-like management capabilities and enables comprehensive empowerment of your Kubernetes clusters in DevOps, microservices governance, observability, security, disaster recovery, and cluster resource elasticity.
After creating an ACK One registered cluster, install the Agent Connector component in the Kubernetes cluster, and then the Agent Connector will establish a connection with the registered cluster. Subsequent operations by the user through the ACK console on the registered cluster will be forwarded via the Agent Connector to the API Server of the Kubernetes cluster, such as fetching cluster status and installing ACK components.
Once Kubernetes clusters outside Alibaba Cloud are connected to registered clusters, various capabilities can be expanded. You can install specific ACK components based on your needs to enable cloud elasticity, O&M, and security capabilities.
a) Both public internet and Express Connect circuits are supported, as well as Transport Layer Security (TLS) encryption.
b) Clusters can be connected in either normal mode or restricted mode:
• Normal Mode: All features in the ACK console are available, including workload management, O&M, and security.
• Restricted Mode: All role-based access control (RBAC) permissions of the Agent Connector are converged. In this mode, some features in the ACK console are unavailable, but you can enable the cloud elasticity capability of the cluster.
c) The Agent Connector for registered clusters is open sourced to ensure transparency. The address of the open-source project is:
https://github.com/AliyunContainerService/alibabacloud-ack-connector
The O&M and management of Kubernetes clusters are centralized and provide an ACK-like O&M experience. It integrates Alibaba Cloud Application Real-Time Monitoring Service (ARMS), Simple Log Service (SLS), and the Security Center. After Kubernetes clusters outside Alibaba Cloud are connected to ACK One registered clusters, they can be centrally managed through the ACK console, including permissions, logs, monitoring, events, alerts, cost analysis, security inspection, and security policies.
When Kubernetes cluster resources in local data centers are insufficient, the scheduler provided by ACK can be used to expand Elastic Compute Service (ECS) node pools or Elastic Container Instances (ECIs) according to priority. Additionally, it supports reverse scaling and prioritizes scaling cloud resources to handle traffic fluctuations, thereby saving resource costs.
ACK One allows you to back up, restore, and migrate data to the cloud. This ensures service continuity.
Using ACK One registered clusters, you can easily achieve centralized management of Alibaba Cloud ACK clusters and non-ACK clusters (clusters provided by third-party clouds and self-managed Kubernetes in IDC). It has been widely used in numerous enterprises across industries such as the Internet, telecommunication equipment, autonomous driving, biopharmaceuticals, intelligent manufacturing, gene technology, logistics, and automotive. Welcome to have a try!
[1] Overview of Registered Clusters:
https://www.alibabacloud.com/help/en/ack/distributed-cloud-container-platform-for-kubernetes/user-guide/overview-9
[2] Auto Scaling of Registered Clusters:
https://www.alibabacloud.com/help/en/ack/distributed-cloud-container-platform-for-kubernetes/user-guide/auto-scaling-1
[3] Observability of Registered Clusters:
https://www.alibabacloud.com/help/en/ack/distributed-cloud-container-platform-for-kubernetes/user-guide/observability-of-external-clusters
[4] Backup Center Overview:
https://www.alibabacloud.com/help/en/ack/distributed-cloud-container-platform-for-kubernetes/user-guide/backup-center-overview
OpenYurt v1.5 Officially Released, Optimizing Multi-region Workload Lifecycle Management
167 posts | 30 followers
FollowAlibaba Cloud Native Community - January 27, 2022
Alibaba Cloud Native Community - February 9, 2023
Alibaba Container Service - April 12, 2024
Alibaba Container Service - November 21, 2024
Alibaba Developer - September 23, 2020
Alibaba Container Service - November 13, 2019
167 posts | 30 followers
FollowAlibaba Cloud Container Service for Kubernetes is a fully managed cloud container management service that supports native Kubernetes and integrates with other Alibaba Cloud products.
Learn MoreProvides a control plane to allow users to manage Kubernetes clusters that run based on different infrastructure resources
Learn MoreAlibaba Cloud Function Compute is a fully-managed event-driven compute service. It allows you to focus on writing and uploading code without the need to manage infrastructure such as servers.
Learn MoreAccelerate and secure the development, deployment, and management of containerized applications cost-effectively.
Learn MoreMore Posts by Alibaba Container Service