Container Service allows you to log on to clusters by using SSH key pairs, which ensures the security of SSH remote access.


  1. Log on to the Container Service console.
  2. In the left-side navigation pane, choose Clusters > Clusters to go to the Clusters page.
  3. Click Create Kubernetes Cluster in the upper-right corner.
    Create cluster
  4. Select Key Pair in the Logon Type field. Set the other fields. For more information, see Create an ACK cluster. Then click Create.
    1. If you have created key pairs in the ECS console, select a key pair from the Key Pair drop-down list.
    2. If you have no key pair, click create a key pair to create one in the ECS console. For more information, see Create an SSH key pair.
    Create key pairs
  5. After the cluster is created, find the cluster on the Clusters page and click Manage in the Actions column. You can find the Master Node IP Address for SSH Logon under Cluster Information.
    Connect to a cluster
  6. Download the .pem private key file. Complete the configurations based on your local operating system, such as Windows or Linux. For more information, see Connect to a Linux instance by using an SSH key pair. Take Linux as an example.
    1. Find the path where your .pem private key file is stored on your local machine. For example, /root/xxx.pem.
    2. Run the following command to modify the attributes of the private key file: chmod 400 [path of the .pem private key file on the local machine]. For example, chmod 400 /root/xxx.pem.
    3. Run the following command to connect to the cluster: `ssh -i [path of the .pem private key file on the local machine] root@[master-public-ip]. master-public-ip is the master node IP address for SSH logon. For example, ssh -i /root/xxx.pem root@