This topic provides the flowchart and some commonly asked questions (FAQ) when you use Container Service for Kubernetes (ACK).
- Assign roles to your Alibaba Cloud account. For more information, see Default roles.
- Create a standard managed cluster. For more information, see Create a cluster of ACK Managed Edition.To create a cluster of another type, see the following topics:
- Create an ASK cluster.
- Create a dedicated Kubernetes cluster.
- Create an ACK Pro cluster.
- Create a managed edge cluster.
- Create a managed GPU cluster and Create a dedicated GPU cluster for heterogeneous computing.
- Create a managed Kubernetes cluster that runs sandboxed containers and Create a dedicated Kubernetes cluster that runs sandboxed containers.
- Create a managed Kubernetes cluster that supports confidential computing.
- Deploy an application by using an image or orchestration template.For more information, see Use an image to create a stateless application and Use an orchestration template to create a Linux application.Note If your application consists of multiple services created from different images, we recommend that you use a YAML file to deploy the application.
- Perform O&M operations on the cluster and the application.
Cluster O&M Application O&M Cluster management Application deployment Node maintenance Application and image updates Node pool management Application scaling
- Log management
- How do I build a Docker image for an application that runs on an ACK cluster?
Container Registry allows you to build a container image within a few clicks. For more information about how to build a Docker image for an application, see Build an image for a Java application by using a Dockerfile with multi-stage builds. You can also use the open source tool Derrick to dockerize an application in a simplified manner.
- If I do not want to build an image, how do I deploy an application to an ACK cluster?
ACK allows you to create applications by using images of the following types: images stored in Container Registry, official images, favorite images, and public images. For more information, see Deploy stateless applications from images.
- How do I plan CIDR blocks before I create a cluster?
Before you create a cluster, make sure that the CIDR blocks of virtual private clouds (VPCs), services, and pods do not overlap. You can select to create a VPC automatically. In this case, use the default network address when you create a cluster. However, in some complex scenarios, you must plan CIDR blocks for Elastic Compute Service (ECS) instances, pods, and services. For more information, see Assign CIDR blocks to resources in a Kubernetes cluster under a VPC.
- How do I select the Terway or Flannel plug-in when I create a cluster?
Flannel is a simple and stable container network interface (CNI) plug-in developed by the community. However, Flannel only supports simple features and does not support standard Kubernetes network policies. Terway, a network plug-in developed by Alibaba Cloud, supports standard Kubernetes network policies and bandwidth throttling on containers. Terway outperforms Flannel in terms of network performance. For more information, see Use Terway.
- How do I handle a cluster creation failure?
You can view the cluster events for troubleshooting. For more information, see Failed to create a Kubernetes cluster.
- How do I access Kubernetes workloads over the Internet?
- If multiple workloads exist in a cluster, how can a workload be accessed by other
workloads in the cluster?
To access a workload from other workloads in the same cluster, use the internal DNS or ClusterIP service.Assume that Workload A and Workload B exist in a cluster. To allow Workload A to access Workload B, create a service of the ClusterIP type for Workload B. For more information, see Create a service. After you create a ClusterIP service, Workload A can use one of the following methods to access Workload B:
<ClusterIP service name>. <Namespace to which Workload B belongs>.svc.cluster.local:<Port number>
- What are the considerations when I access services through SLB instances?
If you create a service of the LoadBalancer type, Cloud Controller Manager (CCM) automatically creates and configures an SLB instance for the service. We recommend that you do not configure the SLB instance in the SLB console. This may cause the unavailability of the service. For more information, see Considerations for configuring a LoadBalancer service.
- How do I pull private images from Container Registry?
We recommend that you use the aliyun-acr-credential-helper component. By default, each cluster has aliyun-acr-credential-helper installed. You can use this component to pull images without a password from Container Registry. For more information, see Use aliyun-acr-credential-helper to pull images without a password.