All Products
Search

This Product

    Container Service for Kubernetes:Connect to the master nodes of an ACK dedicated cluster by using SSH

    Document Center

    Container Service for Kubernetes:Connect to the master nodes of an ACK dedicated cluster by using SSH

    Last Updated:Mar 26, 2026

    In an ACK dedicated cluster, master nodes are created and managed by you rather than Alibaba Cloud. To perform cluster maintenance and troubleshooting, you can connect to the master nodes over SSH.

    This topic describes how to configure SSH access to the master nodes of an ACK dedicated cluster and connect using password or key pair authentication.

    Prerequisites

    Before you begin, ensure that you have:

    Before you connect: determine your setup

    The steps required depend on whether you enabled SSH access when you created the cluster.

    If you enabled SSH logon at cluster creation: ACK automatically generated a public IP address for SSH access to the master nodes. Find it on the Basic Information tab under the Master Node IP Address for SSH Logon parameter. Skip to Connect to the master nodes and use that IP address.

    If you did not enable SSH logon at cluster creation: The master nodes are not directly accessible over SSH because their traffic routes through a Server Load Balancer (SLB) instance. Add a TCP listener on port 22 to the SLB instance to open SSH access. Complete both steps below.

    Step 1: Add an SSH listener to the SLB instance

    Skip this step if you enabled SSH logon when you created the cluster.

    1. Log on to the ACK console. In the left-side navigation pane, click Clusters.

    2. On the Clusters page, click the name of the target cluster. In the left-side pane, click Cluster Information.

    3. On the Basic Information tab, find API server SLB and click the instance ID.

    4. Click Create Listener in the upper-right corner.

    5. Configure the listener:

      1. Select TCP as the listener protocol, set Listener Port to 22, and then click Next.

      2. Select Default Server Group. In the Selected Servers section, enter 22 in the Port column for all master nodes. Set the weights based on your requirements, and then click Next. For more information on listener configuration, see Add a TCP listener.

      3. In the Health Check step, click Next.

      4. In the Confirm step, click Submit.

      The Listener tab now shows the newly created listener named tcp_22.

    6. Click the Instance Details tab. The Endpoint parameter in the Billing Information section shows the public IP address of the SLB instance. Use this IP address in the next step.

    Connect to the master nodes

    SSH authentication uses the method you selected when you created the cluster: password logon or key pair logon. For more information, see Create an ACK dedicated cluster (discontinued).

    Password logon

    Connect with the root user and the password you set at cluster creation:

    ssh root@<master-node-IP>

    Replace <master-node-IP> with the public IP address obtained in Step 1 (or from the Master Node IP Address for SSH Logon parameter if SSH was enabled at creation).

    Key pair logon

    For more information, see Connect to a Linux instance by using an SSH key pair.