This topic describes the release notes for Container Service for Kubernetes (ACK).
Background information
The following Kubernetes versions are supported by Container Service for Kubernetes (ACK): 1.28, v1.26, and 1.24. For more information about how ACK supports Kubernetes versions, see Support for Kubernetes versions.
The following operating systems are supported by Container Service for Kubernetes (ACK): Alibaba Cloud Linux 3, Alibaba Cloud Linux 2, Alibaba Cloud Linux 3 ARM edition, Alibaba Cloud Linux UEFI 2, ContainerOS, CentOS 7.9, and Windows Server 2019.
November 2023
Product | Feature | Description | Region | References |
Container Service for Kubernetes | Automated O&M features available when you create or modify a managed node pool | Auto node recovery, auto kubelet update, and auto CVE patching can be enabled when you create or modify a managed node pool. This simplifies your node pool O&M work. | All | |
ACK One | Zone-disaster recovery based on multi-cluster gateways of ACK One | The multi-cluster application distribution feature provided by ACK One GitOps can be used together with multi-cluster gateways of ACK One to implement zone-disaster recovery. | All | None |
October 2023
Product | Feature | Description | Region | References |
Container Service for Kubernetes | Sidecar acceleration in service mesh scenarios | Sidecar acceleration is supported in service mesh scenarios. After you inject sidecar containers into application pods, you can enable the sidecar acceleration using eBPF component to accelerate TCP communication between sidecar containers on the same node or between regular containers and sidecar containers in the same pod. | All | |
OS kernel-level container monitoring capabilities available | It is difficult to troubleshoot container service failures because the container engine layer is not transparent to users. To address this issue, OS kernel-level container monitoring capabilities are provided to make the container engine layer more reliable and transparent. This helps you efficiently migrate containerized applications. | All | ||
Individual cluster inspection | Individual cluster inspection is supported by calling the OpenAPI RunClusterCheck API operation. You can perform cluster update precheck anytime and create update plans based on the precheck result. | All | None | |
The ARM64 architecture supported by migrate-controller | The ARM64 architecture is supported by the backup center component migrate-controller. The migrate-controller component is developed based on open source Velero. migrate-controller is deeply integrated with the snapshot technologies and Cloud Backup service of Alibaba Cloud. You can use migrate-controller to back up, restore, and migrate data and application templates. | All | ||
ACK One | Multi-cluster gateways supported | ACK One uses a fully-managed MSE Ingress controller to manage MSE cloud-native gateways that serve as multi-cluster gateways. MSE cloud-native gateways can manage north-south traffic in multi-cluster deployments based on MSE Ingresses. This allows you to use features such as active zone-redundancy, multi-cluster load balancing, and header-based routing. | All |
September 2023
Product | Feature | Description | Region | References |
ACK | ack-advanced-audit 0.3.0 released | ack-advanced-audit is a key component for operation auditing inside containers. The performance of ack-advanced-audit is improved in version 0.3.0. This version supports the latest kernel versions of Alibaba Cloud Linux. | All | |
Cloud-native AI suite | Pushing notebook images from AI Developer Console to image repositories of Container Registry supported | ack-ai-dev-console is an AI Developer Console component included in the cloud-native AI suite. You can use this component together with commit-agent and ack-commit-ctl to save notebooks on Elastic Compute Service (ECS) instances as images and push notebook images to image repositories of Container Registry. Then, you can recreate notebooks from the addresses of these images. If you use a private repository, you need to select the option for pulling images with credentials. | All | |
KServe inference service deployment based on Arena and Service Mesh | KServe (formerly known as KFServing) is an open source Serving framework of Kubernetes. It can simplify and accelerate the deployment and management of machine learning models. KServe supports auto scaling, blue-green deployment, and canary releases and allows you to scale pods to zero. It supports mainstream frameworks and programming languages and provides flexible configurations. You can use the command-line tool Arena in the cloud-native AI suite with Service Mesh (ASM) to quickly deploy KServe inference services in ACK clusters. To do this, you need only to enable KServe on ASM in the ASM console to install the KServe component in your ACK cluster and then submit KServe inference services by using Arena. | All | None | |
ack-fluid 1.0.4 released | ack-fluid is a distributed dataset orchestration and acceleration engine included in the cloud-native AI suite. The new version includes the following updates:
| All | ||
ack-kube-queue 0.3.1 released | ack-kube-queue is a job queue component included in the cloud-native AI suite. The new version includes the following updates:
| All | ||
ACK One | Best practice for ACK One GitOps released | This best practice describes how to use ACK One GitOps and Container Registry to create Continuous Integration and Continuous Delivery (CI/CD) pipelines in Dev, Staging, and Production clusters. These pipelines can automatically synchronize image changes to applications and deploy the updated image in the preceding clusters by using the recommended deployment method after you commit code changes to your Git repository. | All | None |
Access to on-premises storage by using Fluid | Fluid is an open source, Kubernetes-native distributed dataset orchestrator and accelerator for data-intensive applications in cloud-native scenarios, such as big data applications and AI applications. In addition to storage and cache systems, Fluid also provides the ThinRuntime CustomResourceDefinition (CRD). The ThinRuntime CRD can be used to describe any custom storage systems and interface the systems with Fluid. | All | ||
Access acceleration to OSS objects by using Fluid | Fluid enables the observability, auto scaling, and portability of datasets by managing and scheduling JindoRuntime. JindoRuntime is the execution engine of JindoFS developed by the Alibaba Cloud E-MapReduce (EMR) team. JindoRuntime is based on C++ and provides dataset management and caching. JindoRuntime also supports Object Storage Service (OSS). | All | ||
ACK Edge | NodePort listening based on node pools | Service isolation is required in edge computing scenarios. For example, when you use a NodePort Service, you can listen on the ports exposed by the NodePort Service on nodes only in the specified node pool. This helps avoid port conflicts. | All | |
ACK Lingjun |
| ACK Lingjun clusters are available on the Alibaba Cloud International site and the ack-fluid component can be deployed from the App Catalog page of the ACK console to support distributed dataset orchestration and acceleration. | All |
August 2023
Product | Feature | Description | Region | References |
ACK | Backup plans in ACK backup center optimized | Backup task fuzzy match is supported and backup tasks can be sorted in the order of creation time in the ACK console. Real-time backup tasks and backup plans can be created by using clone feature. | All | |
ACK Serverless | SidecarSet controller added to ack-virtual-node to use DaemonSet features | The SidecarSet controller is added to the ack-virtual-node component to inject sidecar containers into pods on virtual nodes by using SidecarSets. This allows you to inject containers into application pods as sidecar containers to use DaemonSet features, such as log collection and monitoring. | All | None |
Cloud-native AI suite | Dynamic MIG partitioning supported by GPU scheduling | Multi-instance GPU (MIG) and dynamic partitioning are supported by GPU nodes with the required label after you install ack-ai-installer provided by the cloud-native AI suite in an ACK managed cluster. Each node reports the maximum number of GPU instances that the node supports. Each container can apply for only one GPU instance. | All | Labels for GPU-accelerated node scheduling and methods for changing label values |
Notebook images supported by AI Developer Console | ack-ai-dev-console is an AI Developer Console component provided by the cloud-native AI suite. commit-agent and ack-commit-ctl are added to AI Developer Console to allow you to save notebooks on ECS instances as images and use these images to restore notebooks. | All | ||
ack-fluid 1.0.3 released | The ack-fluid component is a distributed dataset orchestration and acceleration engine provided by the cloud-native AI suite. ack-fluid 1.0.3 supports privileged FUSE sidecar containers. This version also fixes the out of memory (OOM) issue for the JuiceFSRuntime controller, issues related to the auto recovery feature of FUSE, and the residual resource issue for runtime updates. | All | ||
ack-kube-queue 0.2.0 released | ack-kube-queue is a job queue component provided by the cloud-native AI suite. ack-kube-queue 0.2.0 allows you to enable blocking queues for a single queue and can re-add TensorFlow jobs and PyTorch jobs to a queue when these jobs time out. This version also allows you to add Argo workflows to a queue and limit the number of jobs that can leave a queue at a time. In addition, the log that records dequeue failures is optimized. | All | ||
ACK One | SLB instance management with cloud controller manager (CCM) supported by registered clusters | The CCM allows you to use basic services of Alibaba Cloud, such as Classic Load Balancer (CLB), in ACK. You can install the CCM in registered clusters of ACK One to manage Server Load Balancer (SLB) instances. | All | |
Custom DNS servers supported by registered clusters | Self-managed DNS servers can be specified for elastic container instances in registered clusters. | All | ||
Application migration to ACK One GitOps in an automated manner | onectl can be used to migrate applications to ACK One GitOps in an automated manner. Application Center is no longer updated and will be progressively discontinued. You can use onectl to migrate applications from Application Center to ACK One GitOps in an automated manner. | All | Use onectl to migrate applications to ACK One GitOps in an automated manner | |
Public access to Argo CD | Public access to Argo CD can be enabled to allow you to use Argo CD to deliver or access applications from the ACK One console. | All |
July 2023
Feature | Description | Region | References |
ACK Standard clusters renamed as ACK Basic clusters | ACK Standard clusters are renamed as ACK Basic clusters. The following clusters are affected: ACK manage clusters, ACK Serverless clusters, and ACK Edge clusters. The corresponding parameter in API operations remains unchanged. ACK Basic clusters are only for personal use and testing purposes. Use ACK Pro clusters in production environments. | All | |
ALB Ingress controller v2.9.0-aliyun.1 released | ALB Ingress controller v2.9.0-aliyun.1 is released. | All | |
Terway 1.5.5 released | Terway 1.5.5 is released to support elastic network interfaces (ENIs) filters. | All | |
GPU-accelerated node diagnostics supported by Container Intelligence Service | GPU-level GPU diagnostics are supported by ACK clusters. You can collect basic GPU metrics to troubleshoot issues. | All | |
IP-aware pod scheduling and topology-aware pod scheduling supported by the ACK scheduler |
| All | None |
Backup plans in ACK backup center optimized | Namespaces can be selected by excluding specific namespaces. Backup plans can be created and copied. | All | |
Serverless Kubernetes (ASK) renamed as ACK Serverless | ASK is renamed as ACK Serverless and ASK clusters are renamed as ACK Serverless clusters. ACK Serverless clusters are billed based on uptime in seconds and support auto scaling within a few seconds. You do not need to maintain clusters and nodes when you use ACK Serverless clusters. | All | |
KServe supported by ACK Serverless clusters to accelerate the deployment of AI models | KServe is a machine learning model service framework developed based on Kubernetes to provide simple Kubernetes CustomResourceDefinitions (CRDs) to allow you to deploy one or more trained models to a model service runtime. For example, you can deploy TFServing, TorchServe, and Triton models. You can deploy the KServe component in ACK Serverless clusters with a few clicks. This component provides out-of-the-box model services to help you build custom model service runtimes. | All | |
Fully-managed core components supported by ACK Serverless clusters to simplify O&M | The following components are fully managed in ACK Serverless Pro clusters: the Kube scheduler, CCM, Kube controller manager, Kube API server, and CoreDNS. These components do not occupy your resources, which greatly reduce the complexity of cluster maintenance. | All | |
Preemptible instance creation accelerated for ACK Serverless clusters | ACK Serverless allows you to create instances of up to one million CPU cores within one hour to handle large numbers of concurrent jobs, such as Spark jobs. This reduces the waiting time of the jobs in the queue and guarantees sufficient computing power in big data scenarios where computing and storage are decoupled. | All | |
ack-kube-queue 0.1.12 released |
| All | None |
ack-fluid 1.0.2 released | ack-fluid is a distributed dataset orchestration and acceleration engine provided by the cloud-native AI suite. The following new features are supported by ack-fluid:
| All | None |
Registered cluster creation and management with onectl | onectl can be used to create registered clusters, connected registered clusters to external Kubernetes clusters, configure permissions, and install components. | All | |
Using registered clusters to allow external Kubernetes clusters to use CPU and GPU resources provided by serverless ECI | Registered clusters can be used to allow external Kubernetes clusters in data centers to use CPU and GPU resources provided by serverless Elastic Container Instance (ECI). | All |
June 2023
Feature | Description | Region | References |
ACK cluster updates to Kubernetes 1.26 supported | The Kubernetes version of ACK clusters can be updated to 1.26. | All | |
Network diagnostics supported by Container Intelligence Service | Container Intelligence Service supports network diagnostics based on Skoop to improve O&M capabilities. | All | |
Capabilities of ACK backup center enhanced | The capabilities of the ACK backup center are enhanced. The following new features are added:
| All | |
New ACK scheduler version released | The following new features are added to the new ACK scheduler version:
| All | |
Cloud-native AI suite supported by ACK Serverless Pro clusters | ACK Serverless clusters can provide reliable, O&M-free, and highly elastic environments for AI, machine learning, and big data workloads. You can install and activate the cloud-native AI suite in ACK Serverless Pro clusters with a few clicks to improve the availability and performance of your applications. Arena is an efficient tool to submit and manage jobs that use mainstream AI computing frameworks. Fluid provides data elasticity and data preloading to support serverless scenarios. These features can improve the efficiency and performance of AI, machine learning, and big data workloads deployed in ACK Serverless clusters. | All | |
Acceleration of access to PVs and hostPath volumes with Fluid in hybrid cloud environments | JindoRuntime is a Fluid runtime engine developed by the Alibaba Cloud E-MapReduce (EMR) team based on JindoFS. JindoRuntime provides dataset management and caching for Fluid. JindoRuntime can cache data stored in Kubernetes hostPath volumes and persistent volumes (PVs) to accelerate data access. In hybrid cloud environments, you can use PVs to mount any self-managed storage systems, such as CephFS, or use hostPath volumes to mount self-managed storage systems. This helps accelerate access to the self-managed storage systems. | All | |
DeepSpeed jobs supported by Arena and DeepSpeed distributed training best practices available | DeepSpeed is an open source deep learning optimization software suite that provides distributed training and model optimization to accelerate model training. The cloud-native AI suite uses Arena to support DeepSpeed jobs. You can use Arena to quickly submit DeepSpeed distributed training jobs and use TensorBoard to view these jobs in a visualized manner. | All | |
ARM-based nodes supported by ack-kube-queue | ack-kube-queue is a Kubernetes queue component provided by the cloud-native AI suite. ack-kube-queue works with the scheduler and quota system to allow you to manage queues, schedule jobs based on priorities, and use elastic quotas. ARM-based nodes are supported by ack-kube-queue to optimize the management and scheduling of AI, machine learning, and batch computing workloads on ARM-based nodes. | All | |
Application migration to ACK One GotOps supported by ACK One | ACK One allows you to migrate applications from Application Center to ACK One GitOps. ACK One GitOps manages open source Argo CD, provides a dedicated console domain name, and integrates Alibaba Cloud account single sign-on (SSO) to support multi-cluster application delivery. | All | |
Policy management supported by registered clusters | Registered clusters provide a variety of policy governance rules and a powerful console based on Open Policy Agent (OPA) and the gatekeeper admission controller to ensure the security of registered clusters. | All | |
ACK One multi-cluster GitOps best practice released | The ACK One GitOps best practice demonstrates how to use the out-of-the-box GitOps features to release, update, and roll back multi-cluster applications. In addition, GitOps can be used together with Continuous Integration (CI) pipelines and used to manage user permissions. | All |
May 2023
Feature | Description | Region | References |
Kubernetes 1.26 supported by ACK | Kubernetes 1.26 is supported by ACK. You can create ACK clusters that run Kubernetes 1.26. | All | |
csi-compatible-controller supported by ACK | The csi-compatible-controller component allows you to use FlexVolume and CSI in the same ACK cluster and migrate from FlexVolume to CSI by changing the type of volumes mounted to the applications in the cluster. | All | |
Creating elastic container instances from specified ECS instance types supported by ACK Serverless clusters | ACK Serverless clusters allow you to create elastic container instances from specified ECS instance types. These elastic container instances support multiple processors and can help you reduce the instance cost by 40% compared with the previous generation instances. In addition, you can purchase savings plans through annual subscriptions to reduce the cost by 10% when handling unexpected traffic fluctuations. | All | |
Cost insights supported by ACK Serverless clusters | Cost insights are supported by ACK Serverless clusters. Cost insights allow you to analyze the cost of elastic resources in terms of clusters, namespaces, and applications, and perform fine-grained cost prediction and locate the root cause. This feature can help IT asset administrators optimize resource allocation and billing methods and make cost governance much easier. | All | |
Blocking queues and strict priority scheduling supported by ack-kube-queue | ack-kube-queue allows system administrators to customize job queue management and improve the flexibility of queues.
| All | |
Visual Studio (VS) Code notebooks supported by cloud-native AI suite | The cloud-native AI suite allows you to create VS Code notebooks to develop and debug machine learning algorithms, and submit these algorithms to ACK clusters for model training. The cloud-native AI suite allows you to set up an AI development environment by deploying open source JupyterLab, custom Juypter notebook images, or custom VS Code notebook images in your ACK cluster, and integrate the configurations of the cloud-native AI suite with the permission management system of ACK. | All | |
Enabling and redirecting to GitOps supported by ACK One | ACK One supports the GitOps feature. You can enable or disable the GitOps console on the master instance page of the ACK One console. A hyperlink is also provided to redirect you to the GitOps console. | All | |
GitOps control plane logs and audit logs | ACK One allows you to view the control plane logs and audit logs of GitOps. You can view these logs on the master instance page of the ACK One console. | All | Enable the collection of the control plane logs and audit logs of GitOps |
April 2023
Feature | Description | Region | References |
Simultaneous deletion of Log Service projects and clusters | When you delete a cluster, you can specify whether to delete the Log Service project used by the cluster at the same time. Important A Log Service project includes multiple Logstores. After the project is deleted, data in the Logstores is also deleted. Proceed with caution. | All | |
ACK scheduler 4.1 released |
| All | |
Fluid control plane component monitoring | Fluid is a Kubernetes-native distributed dataset orchestration and acceleration engine that serves data-intensive applications, such as big data applications and AI applications, in cloud-native scenarios. ACK allows you to install the Fluid monitoring component on Prometheus instances of Managed Service for Prometheus with a few clicks and use the out-of-the-box dashboards provided by Managed Service for Prometheus to monitor the control plane components of Fluid. | All | |
Multi-tenant access control supported by ACK One GitOps | You can configure multi-tenant access control for ACK One GitOps to manage the permissions of different roles and mitigate potential security risks. | All |
March 2023
Feature | Description | Region | References |
vSwitch configuration supported in the Terway settings | vSwitches can be added or removed in the ACK console. You can add or remove vSwitches when you modify the terway-eniip component on the Add-ons page of the ACK console. | All | Increase the number of pod vSwitches in a cluster that uses the Terway plug-in |
NAS or CPFS client I/O operation troubleshooting through CNFS dashboards supported | Container Network File System (CNFS) dashboards can be used to troubleshoot issues related to I/O operations on clients and locate the pods that cause the issues. For example, you can troubleshoot frequent I/O operations that may slow down the system and high bandwidth usage on clients. | All | |
RAM user permission management supported by ACK One | Resource Access Management (RAM) users can be authorized to access and manage the master instances by using administrator accounts of master instances of ACK One. | All | |
Automatic application updates supported by ACK One GitOps Image Updater | Automatic application updates are supported by ACK One GitOps Image Updater. You can configure ACK One GitOps Image Updater to monitor image updates in Container Registry and automatically trigger application updates when new image versions are pushed to Container Registry. This allows you to build a GitOps pipeline based on third-party CI systems to automate application delivery. | All | None |
Metering method and pricing solution updates for the cloud-native AI suite | The metering method and pricing solution of the cloud-native AI suite are updated to improve metering accuracy and apply tiered pricing. The 50% discount for the cloud-native AI suite ends at 00:00:00 (UTC+8) on April 1, 2023. Beginning 00:00:00 (UTC+8) on April 1, 2023, you are charged for using the cloud-native AI suite. | All | |
ack-fluid 0.9.7 released | ack-fluid 0.9.7 is released. ack-fluid is a cache accelerator that is included in the cloud-native AI suite. Some known issues are fixed and security is reinforced in ack-fluid 0.9.7. | All | |
Advanced features supported for gang scheduling | Advanced features are supported for gang scheduling, such as the GangGroup feature. ACK Pro clusters support gang scheduling to enable job scheduling in all-or-nothing scenarios. When you use gang scheduling, some jobs may use different roles. Using only one PodGroup to manage the pods of all roles cannot meet the requirements of different roles on the min-available resource. If you create multiple PodGroups for the roles, the pods of the roles cannot be scheduled in one batch. To resolve this issue, you can use the GangGroup feature to manage multiple gangs as a group. The job can be run only when the number of pods that are scheduled reaches the value of the min-available parameter for each role. In addition, gang scheduling retries can be controlled by claiming a matchpolicy. | All |
February 2023
Feature | Description | Region | References |
Custom parameters supported by kubelet | Kubelet configurations can be customized to manage the behavior of nodes. ACK allows you to customize the kubelet configurations of nodes in a node pool. After the modification is complete, the new configurations immediately take effect on existing nodes in the node pool in batches and are automatically applied to newly added nodes. | All | |
Service diagnostics supported by AIOps | The Service diagnostics feature is supported by AIOps. You can use this feature to troubleshoot CLB issues related to billing methods, certificates, reuse of CLB instances, CLB quotas, and anomaly events. | All | |
Cloud disk type configurable | The type of cloud disks mounted to your application can be changed. Assume that you have created a standard SSD for your application. If your application requires a higher IOPS, you can upgrade the type of the disk from standard SSD to enhanced SSD (ESSD). | All | |
Disks of the cloud_auto type supported by dynamically provisioned volumes | In addition to disks of the cloud_efficiency, cloud_ssd, cloud_essd, and available types, disks of the cloud_auto type can also be mounted as dynamically provisioned volumes. | All | |
Alibaba Cloud accounts supported for logging on to the Argo CD UI or Argo CD CLI | By default, ACK One GitOps supports single sign-on (SSO) when you use RAM users to log on to the Argo CD UI or Argo CD CLI. After you log on to the ACK One console by using an Alibaba Cloud account, you can use SSO to log on to the Argo CD UI or Argo CD CLI without entering a username and a password. | All |
Historical releases
For more information about ACK release notes before 2023, see Historical release notes (before 2023).