You can use Elastic Container Instance (ECI) with Alibaba Cloud Serverless Kubernetes and Alibaba Cloud Container Service for Kubernetes. This topic describes the adjustment required for migrating existing applications to ECI, and the issues that you may encounter during the migration.

Prerequisites

You understand basic concepts of Kubernetes or have used a Kubernetes-based container orchestration service on a private or public cloud before.

Preparations

Manage Kubernetes clusters and ECIs

View created ECIs

  • Log on to the ECI console. In the upper-left corner, select the target region from the drop-down list. The created ECIs appear. If a blank page appears, you need to apply for the permission to view ECIs.
  • Log on to the Container Service console. In the left-side navigation pane, choose Applications > Pods. On the page that appears, select the target cluster and namespace from the drop-down lists in the upper-left corner. The created pods appear. Pods that are scheduled to the virtual-kubelet node are ECIs. Click Details in the Actions column of an ECI to view its details.

Limits on application migration

ECIs are not scheduled to the virtual-kubelet node in a centralized manner because this node is a virtual node used by ECI to interact with Kubernetes. Instead, ECIs are scattered in the whole resource pool of Alibaba Cloud.

Due to security issues of the Internet and limits of a virtual node, ECI does not support host-related features and DaemonSets. The following table lists the features that are not supported by ECI currently.

Feature Description Alternative
HostPath Allows you to mount a file from the host to a container. Use an emptyDir volume or Apsara File Storage NAS.
HostNetwork Allows you to map a host port to a container. Create services of the LoadBalancer type.
DaemonSet Allows you to deploy a static pod on the host of a container. Deploy multiple images in a pod by using sidecar containers.
Privileged permissions Allows you to grant privileged permissions to a container. Use securityContext to grant permissions to a pod.
Service of the NodePort type Allows you to map a host port to a container. Create services of the LoadBalancer type.

Remarks on application migration

  • Serverless Kubernetes can share an image repository with Kubernetes clusters. You can upload your container images to this image repository in advance. We recommend that you use VPC addresses of images to accelerate image pulling, which are in the format of registry-vpc.xxx.
  • Serverless Kubernetes clusters and virtual nodes support common controllers such as the deployment, ReplicaSet, job, CronJob, and StatefulSet controllers. Theoretically, applications of these types can run directly in Serverless Kubernetes clusters and on virtual nodes
  • Serverless Kubernetes clusters and virtual nodes use PrivateZone to expose services. We recommend that you enable the PrivateZone service for a serverless Kubernetes cluster when you create the cluster.
  • Serverless Kubernetes clusters and virtual nodes support services of the LoadBalancer type. You can change the type field of a service to LoadBalancer to migrate the service. For more information, see Access services by using SLB.
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: nginx
  namespace: default
spec:
  externalTrafficPolicy: Cluster
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
  sessionAffinity: None
  type: LoadBalancer