All Products
Search
Document Center

Container Service for Kubernetes:ACK cluster overview

Last Updated:Nov 20, 2023

Kubernetes is an open source orchestration platform that is commonly used to manage containerized applications and services. This topic describes the features, types, and limits of ACK clusters.

Background information

Alibaba Cloud provides different types of ACK clusters to meet the requirements of diverse scenarios.

  • ACK clusters are most commonly used and suitable for most scenarios.

  • ACK Serverless clusters are suitable for handling agile workloads that require quick scaling, and processing individual tasks or multiple parallel tasks. For more information see What is ACK Serverless?.

  • ACK Edge clusters are the most suitable option when you want to handle edge computing services such as Internet of Things (IoT) and Content Delivery Network (CDN). For more information see What is ACK Edge?.

ACK also provides highly integrated solutions for sectors such as genomics computing and AI-empowered big data computing. ACK optimizes container performance based on the high-performance computing and networking capabilities of IaaS. ACK allows you to centrally manage clusters that are deployed in multi-cloud or hybrid cloud environments. You can log on to the ACK console to manage your Kubernetes clusters deployed in data centers or third-party clouds.

Limits

For more information about the limits of ACK clusters, see Limits.

Cluster type

ACK clusters are classified into ACK Pro, ACK basic, and ACK dedicated.

Item

ACK Pro

ACK basic

ACK dedicated

Feature

You need to create only worker nodes. ACK creates and manages control planes.

You must create control planes and worker nodes.

ACK Pro clusters are easy to use, cost-effective, and highly available. You do not need to manage control planes.

For more information about the differences between ACK basic clusters and ACK Pro clusters, see Comparison.

ACK basic clusters are easy to use and cost-effective. You do not need to manage control planes.

ACK dedicated clusters allow you to manage the cluster infrastructure in a more fine-grained manner. You must design, maintain, and upgrade the clusters on your own.

Billing methods

You are charged for cluster management based on the number of clusters. In addition, you are also charged for nodes and infrastructure resources. For more information, see Billing.

Cluster management is free of charge. However, you are charged for nodes and infrastructure resources. For more information, see Billing.

Cluster management is free of charge. However, you are charged for control planes, worker nodes, and infrastructure resources. For more information, see Billing.

Usage scenarios

Applicable to the production and testing environments of enterprise users.

Applicable to the learning and testing needs of individual users.

Applicable to the studies and customization of Kubernetes.

User Personas

  • Concerned about costs

  • Focused on application development

  • Possess a basic understanding of Kubernetes

  • Want to control O&M costs

  • Require automated maintenance for the control plane

  • Not overly concerned about costs

  • Possess an adequate understanding of Kubernetes

  • Possess technical expertise on Kubernetes O&M

  • Have clear plans for resources

  • Have customization requirements on the control planes of clusters

  • Capable of manually managing clusters

Cluster creation procedure

ACK managed cluster

ACK dedicated cluster

Note

Compared with ACK basic clusters and ACK dedicated clusters, ACK Pro clusters provide higher reliability, security, and schedulability. ACK Pro clusters are covered by the SLA that supports compensation clauses. We recommend that you use ACK Pro clusters. For more information about how to migrate workloads from ACK basic clusters and ACK dedicated clusters to ACK Pro clusters, see Hot migration from ACK basic clusters to ACK Pro clusters and Hot migration from ACK dedicated clusters to ACK Pro clusters.

FAQ about the features provided by Container Service

The following table describes the features of ACK clusters.

Feature

Description

Cluster management

  • Cluster creation: You can create various types of clusters based on your business requirements. ACK allows you to customize cluster configurations and select from a rich variety of Elastic Compute Service (ECS) instance types to use as worker nodes. For more information, see Create an ACK managed cluster, and Create an ACK dedicated cluster.

  • Cluster update: You can easily update your clusters with a few clicks. ACK provides a simple and centralized method to update your system components. For more information, see Update the Kubernetes version of ACK clusters.

  • Elastic scaling: You can vertically scale your clusters directly in the console to respond to unexpected business fluctuations. You can also configure service-level affinity rules and horizontal scaling settings for your business.

  • Multi-cluster management: ACK allows you to register third-party and self-managed Kubernetes clusters and implement centralized management of all your resources.

  • Permission management: ACK integrates Resource Access Management (RAM) and role-based access control (RBAC) for permission management.

Node pool

You can manage the lifecycle of node pools. You can configure different specifications for node pools in a cluster, such as vSwitches, runtimes, operating systems, and security groups. For more information see Node pool overview.

Application management

  • Application creation: You can create various types of applications from images or templates. ACK allows you to customize application configurations, such as environment variables, health checks, disk mounting, and logging.

  • Lifecycle management: You can use ACK to manage the entire lifecycle of applications. For example, you can view, update, replace, and delete applications, roll back application versions, view application events, perform rolling updates, and use triggers to redeploy applications.

  • Pod scheduling: ACK supports pod scheduling based on pod affinity, node affinity, and pod anti-affinity.

  • Pod scaling: You can manually scale pods or automate pod scaling by using the Horizontal Pod Autoscaler (HPA).

  • Application release: ACK supports canary releases and blue-green deployments. You can use these features to better manage the application release lifecycle.

  • App catalog: App catalog is a feature that ACK provides to facilitate application deployment and cloud service integration.

  • Application center: The application center provides a centralized management panel that you can use to deploy your applications and monitor the topology of your applications. You can use the application center to implement unified version management and rollback in continuous deployment scenarios.

  • Application backup and recovery: You can back up applications and restore applications from backup data. For more information, see Back up and restore applications in an ACK cluster.

Storage

  • The following volume plug-ins are supported: FlexVolume and Container Storage Interface (CSI). For more information, see CSI overview and FlexVolume overview.

  • Operations on volumes and persistent volume claims (PVCs):

    • You can create Block Storage volumes, Apsara File Storage NAS (NAS) volumes, and Object Storage Service (OSS) volumes.

    • You can bind a volume to a PVC.

    • You can dynamically create and migrate volumes.

    • You can view and update volumes and PVCs by running scripts.

Network

  • You can set up container networks by using the Flannel or Terway plug-in. For more information, see Network overview.

  • You can specify CIDR blocks for Services and pods.

  • You can use the NetworkPolicy feature of Kubernetes to control access to specific applications. For more information, see Use network policies in ACK clusters.

  • You can use Ingresses for traffic routing.

  • You can implement DNS-based service discovery. For more information, see DNS overview.

O&M and security

  • Observability:

    • Monitoring: ACK integrates Managed Service for Prometheus for your clusters, nodes, applications, and pods.

    • Logging: ACK integrates Log Service for log collection and storage for your clusters and containers.

    • Alerting: ACK enables alerting based on cluster events and container metrics. For more information, see Alert management.

  • Cost analysis: ACK visualizes the resource usage and cost distribution of your clusters, providing you with easily understandable resource utilization metrics.

  • Security center: ACK actively inspects your applications for security risks, and provides security policies for runtime monitoring and alerting.

  • Sandboxed-Container: Sandboxed-Container is a container runtime developed by ACK for enhancing container security. You can use Sandboxed-Container to run an application in a sandboxed and lightweight VM, which has a dedicated kernel. Sandboxed-Container is suitable for isolating untrusted applications, unhealthy applications, low-performance applications, and workloads among users.

  • TEE-based confidential computing: ACK provides a cloud-native, all-in-one solution for confidential computing based on Intel Software Guard Extensions (Intel SGX). This solution ensures data security, integrity, and confidentiality when you develop, manage, and deliver trusted applications and confidential computing tasks. The confidential computing capabilities provided by ACK allow you to isolate sensitive data and code by using a trusted execution environment.

Heterogeneous computing

  • GPU computing: allows you to create clusters that use GPU-accelerated instances as worker nodes. Supports scheduling, monitoring, auto scaling, and O&M management of GPU resources. For more information see Create an ACK cluster with GPU-accelerated nodes.

  • GPU sharing: allows you to implement a GPU sharing framework in your cluster deployed in the cloud or in a data center to run multiple containers on a GPU-accelerated node. For more information see cGPU overview.

  • Cloud-native AI: provides cloud-native AI computing capabilities and supports orchestration and management of data computing tasks. For more information see Overview.

Developer services

Cluster lifecycle

The following table describes the states of a cluster and the following figure shows the transitions between the states.

Table 1. Cluster states

State

Description

Initializing

Creating the cloud resources that are used by the cluster.

Creation Failed

Failed to create the cloud resources that are used by the cluster.

Running

The cloud resources used by the cluster are created.

Updating

Updating the metadata of the cluster.

Scaling

Adding nodes to the cluster.

Removing

Removing nodes from the cluster.

Upgrading

Upgrading the cluster.

Draining

Evicting pods from a node to other nodes. After all pods are evicted from the node, the node becomes unschedulable.

Inactive

The cluster is temporarily unavailable in specific cases. For more information about the supported SDKs, see Clusters in abnormal states.

Unavailable

The cluster is unavailable because the cloud resources used by the cluster encounter errors. For more information about the supported SDKs, see Clusters in abnormal states.

Deleting

Deleting the cluster.

Deletion Failed

Failed to delete the cluster.

Deleted (invisible to users)

The cluster is deleted.

Figure 1. State transitionsState transitions

Open source projects

For more information about the open source projects that are used by ACK, see Open source projects.

FAQ