This topic describes the limits that apply when you use Container Service for Kubernetes (ACK) clusters.
Overview
Before you use ACK, take note of the following limits:
- You must pass real-name verification before you can create an ACK cluster.
- You cannot perform the following operations on ACK clusters:
- Change the virtual private cloud (VPC).
- Change a managed Kubernetes cluster to a dedicated Kubernetes cluster, or change a professional managed Kubernetes cluster to a standard managed Kubernetes cluster.
- Change the network plug-in.
- Change the volume plug-in.
- Migrate applications across namespaces.
- The following limits apply to Elastic Compute Service (ECS) instances that run in
ACK clusters:
- ECS instances support the pay-as-you-go and subscription billing methods. Other resources, such as Server Load Balancer (SLB) instances, support only the pay-as-you-go billing method. You can change the billing method from pay-as-you-go to subscription in the ECS console.
- When you create clusters, expand clusters, or perform auto scaling of clusters, you may fail to create nodes due to resource quota limits or inventory availability.
- If you want to create subscription ECS instances when you create a cluster, you may
fail to create the ECS instances due to resource quota limits or inventory availability.
After a subscription ECS instance is created, you cannot release the ECS instance
before the subscription expires.
Note To avoid these issues, we recommend that you create pay-as-you-go ECS instances when you create a cluster. You can change the billing method from pay-as-you-go to subscription in the ECS console based on your requirements.
- Requirements for ECS specifications: You must select ECS instances with at least four vCPUs and at least 8 GiB of memory.
- Limits on access to the control plane components of a cluster:
Bandwidth limits apply when you access the control pane components of a cluster by calling API operations (API Server) or running commands (etcd). If you read a large number of cluster events at a time, bandwidth throttling may be triggered and you may fail to read the events. We recommend that you query cluster events in the event center. Alternatively, you can add paging parameters, such as
--chunk-size=500, to the API request or command lines to reduce the number of events to be read. If you frequently trigger bandwidth throttling in a standard managed Kubernetes cluster, you can change the cluster to a professional managed Kubernetes cluster.For more information about the event center, see Scenario 1: Use node-problem-detector with the Kubernetes event center of Log Service to sink cluster events.
For more information about how to change a standard managed Kubernetes cluster to a professional managed Kubernetes cluster, see Hot migration from standard managed Kubernetes clusters to professional managed Kubernetes clusters.
Quota limits
| Item | Per Alibaba Cloud account | Quota increase |
|---|---|---|
| Real-name verification | Real-name verification is required. | Not supported. |
| Create pay-as-you-go resources | N/A | N/A |
| Maximum number of dedicated Kubernetes clusters and managed Kubernetes clusters | Default: 50. Maximum: 2,000. | |
| Maximum number of master nodes and worker nodes in an ACK cluster | Default: 100. Maximum: 5,000. | |
| Maximum number of pods on a worker node | The maximum number is configurable when you create the cluster in the console. The upper limit is 256. | Not supported. |
| Maximum number of serverless Kubernetes clusters | 5 |
Quota limits on underlying cloud resources
| Category | Item | Quota for general users | Quota increase |
|---|---|---|---|
| Computing | Resource Orchestration Service (ROS) quota | Default: 100. | |
| vCPU quota of pay-as-you-go instances | 500 vCPU cores | ||
| High-specification pay-as-you-go instances (with more than 16 vCPU cores) | Unavailable for purchase. Only pay-as-you-go instances with less than 16 vCPUs can be purchased. | ||
| vCPU quota of preemptible instances | 800 vCPU cores | ||
| Change from pay-as-you-go to subscription | Not supported by the following instance families: t1, s1, s2, s3, c1, c2, m1, m2, n1, n2, and e3. | ||
| Auto Scaling (ESS) | The maximum number of ECS instances in a scaling group is 2,000. | ||
| Operating systems | Nodes that run the following operating systems can be added to an ACK cluster:
|
N/A | |
| Networking | Maximum number of custom route entries in a route table | 48 | |
| Maximum number of vSwitches in a VPC | 24 | ||
| Maximum number of VPCs within an Alibaba Cloud account | 10 | ||
| Maximum number of private IP addresses in a VPC | 65,535 | N/A | |
| Maximum number of IP addresses that can be added to a basic security group | 2,000 | N/A | |
| Maximum number of elastic network interfaces (ENIs) | 50,000 | N/A | |
| Maximum number of elastic IP addresses (EIPs) within an Alibaba Cloud account | 20 | ||
| SLB | Maximum number of SLB instances within an Alibaba Cloud account | 60 | |
| Maximum number of backend servers that can be attached to an SLB instance | 200 | N/A | |
| Maximum number of listeners that can be added to an SLB instance | 50 | ||
| Maximum number of times that an ECS instance can be added to SLB instances as a backend server | 50 | N/A | |
| Elastic Block Storage (EBS) | Maximum number of pay-as-you-go disks in all regions within an Alibaba Cloud account | The quota is five times the number of ECS instances across all regions within an Alibaba Cloud account. You can create at least 10 pay-as-you-go disks within each Alibaba Cloud account. | |
| Maximum capacity of pay-as-you-go disks that are used as data disks within an Alibaba Cloud account | Subject to ECS resource usage, regions, and disk types. You can go to the Privileges & Quotas page in the ECS console to view details. For more information, see View quotas (old version). |