Container Service for Kubernetes (ACK) edge clusters are designed to bring cloud computing to terminal devices at the edge. ACK edge clusters can be created, managed, and maintained in the ACK console. ACK is a platform that integrates cloud computing with edge computing on top of the edge computing infrastructure. This topic describes how to create an ACK Edge cluster in the ACK console.
Table of contents
Links for increasing quota limits/references
ACK clusters support only VPCs.
The pay-as-you-go and subscription billing methods are supported. After an ECS instance is created, you can change its billing method from pay-as-you-go to subscription in the ECS console.
VPC route entries
By default, you can add at most 200 route entries to the VPC of an ACK cluster that runs Flannel. VPCs of ACK clusters that run Terway do not have this limit. If you want to add more route entries to the VPC of your ACK cluster, request a quota increase for the VPC.
By default, you can create at most 100 security groups with each account.
By default, you can create at most 60 pay-as-you-go SLB instances with each account.
By default, you can create at most 20 EIPs with each account.
For more information, see Billing of ACK edge clusters.
The sharp growth of smart devices connected to the Internet and the need to deploy business and process data at edges have significant impacts on edge computing services. To meet these requirements, a variety of new edge computing services have emerged, such as edge intelligence, real-time edge computing, and edge analytics. Traditional cloud computing platforms provide computing and storage services in the cloud. However, this no longer meets the requirements of edge devices for time-efficient computing, larger storage capacity, and enhanced computing capacity. To meet these requirements, ACK provides ACK edge clusters to coordinate services in the cloud and edges. An ACK Edge cluster is a standard, secure, and highly-available Kubernetes cluster deployed in the cloud. This type of cluster is integrated with features of Alibaba Cloud, such as virtualization, storage, networking, and security. This simplifies how you manage and maintain clusters and allows you to focus on business development. In addition, quick access to a variety of heterogeneous edge computing services is supported at the edges. The cloud control center allows you to manage edge devices, such as IoT gateway devices, terminals, Content Delivery Network (CDN) resources, and data centers. The X86 and ARM architectures are supported. ACK edge clusters have been used in various sectors, such as edge intelligence, intelligent buildings, intelligent factories, audio and video live streaming, online education, and CDN.
Step 1: Log on to the ACK console
Log on to the ACK console. In the left-side navigation pane, click Clusters.
In the upper-right corner of the Clusters page, click Create Kubernetes Cluster.
On the Create Cluster page, click the Managed Edge Kubernetes tab.
Step 2: Configure a cluster
On the Managed Edge Kubernetes page, configure the basic and advanced settings for the cluster.
Move the pointer over All Resources at the top of the page and select the resource group that you want to use. After you select a resource group, VPCs and vSwitches are filtered based on the selected resource group. When you create a cluster, only VPCs and vSwitches that belong to the specified resource group are displayed.
Enter a name for the cluster.
The name must be 1 to 63 characters in length, and can contain digits, letters, hyphens (-), and underscores (_). The name must start with a letter or digit.
Select a cluster type. You can select Professional or Standard edition.
Select Professional to create an ACK Edge cluster.
Select a region to deploy the cluster.
The Kubernetes versions supported by ACK are displayed.
Select a VPC to deploy the cluster. Standard VPCs and shared VPCs are supported.
ACK clusters support only VPCs. You can select a virtual private cloud (VPC) from the drop-down list. If you do not have a VPC, click Create VPC to create one. For more information, see Create and manage VPCs.
You can select up to three vSwitches that are deployed in different zones. If no vSwitch is available, click Create vSwitch. For more information, see Create and manage vSwitches.
Pod CIDR Block
The pod CIDR block must not overlap with the CIDR block of the VPC, the CIDR blocks of the ACK clusters in the VPC, or the Service CIDR block. The pod CIDR block cannot be modified after it is specified. For more information, see Plan Kubernetes cluster networks.
Number of Pods per Node
Specify the number of pods per node.
Set Service CIDR. The Service CIDR block must not overlap with the CIDR block of the VPC, the CIDR blocks of the ACK clusters in the VPC, or the pod CIDR block. The Service CIDR block cannot be modified after it is specified. For more information, see Plan Kubernetes cluster networks.
By default, the check box is selected. If the VPC that you select for the cluster cannot access the Internet, you can select Configure SNAT for VPC. This way, ACK will create a NAT gateway and configure SNAT rules to enable Internet access for the VPC.
Access to API Server
By default, an internal-facing SLB instance is created for the Kubernetes API server of the cluster. You can modify the specification of the SLB instance. For more information, see Instance types.
If you delete the SLB instance, you cannot access the Kubernetes API server of the cluster.
Select or clear Expose API Server with EIP. The ACK API server provides multiple HTTP-based RESTful APIs, which can be used to create, delete, modify, query, and monitor resources, such as pods and Services.
Edge nodes interact with the API server in the cloud over the Internet. If you clear Expose API Server with EIP, the edge nodes cannot connect to the cluster in the cloud. As a result, the cluster cannot be used in edge computing scenarios.
Click Select RDS Instance to add node IP addresses to the whitelist of an ApsaraDB RDS instance.
You can select Create Basic Security Group, Create Advanced Security Group, or Select Existing Security Group. For more information about security groups, see Overview of security groups.
Specify whether to enable deletion protection for the cluster. Deletion protection can prevent clusters from being accidentally released by using the console or API.
The resource group that owns the cluster to be created. Each resource can belong only to one resource group. You can regard a resource group as a project, an application, or an organization based on your business scenarios. For more information, see Resource groups.
Click Show Advanced Options to configure the advanced settings of the cluster.
View advanced settings
iptables and IPVS are supported.
Add labels to cluster nodes. Enter a key and a value, and then click Add.
If you select Select Key, you can use a key that is created in the Key Management Service (KMS) console to encrypt Kubernetes Secrets. For more information about how to configure Secret encryption, see Use KMS to encrypt Secrets.
Step 3: Configure worker nodes
In an ACK Edge cluster, you must configure at least one worker node to deploy components.
Specify the container runtime based on the Kubernetes version. The supported Kubernetes versions vary based on the container runtime:
You can select multiple instance types. You can filter instance types by vCPU, memory, architecture, or category.
The instance types that you select are displayed in the Selected Types section.
When the node pool is scaled out, ECS instances of the instance types that you select for the Instance Type parameter are created. The scaling policy of the node pool determines which instance types are used to create new nodes during scale-out activities. Select multiple instance types to improve the success rate of node pool scale-out operations.
To use advanced features such as logging, monitoring, and reverse tunneling, you must deploy the related components in the cloud. Therefore, you must create at least one Elastic Compute Service (ECS) instance as a worker node.
The selected instance types are displayed.
Specify the number of worker nodes (ECS instances) to be created.
Enhanced SSDs, standard SSDs, and ultra disks are supported. The types of system disks that you can select depend on the instance types that you select. For more information about the disk types supported by different instance types, see Instance families. Disk types that are not displayed in the drop-down list are not supported by the instance types that you select.
Mount Data Disk
Enhanced SSDs (ESSDs), standard SSDs, and ultra disks are supported. The disk types that you can select depend on the instance types that you select. For more information about the disk types supported by different instance types, see Instance families. Disk types that are not displayed in the drop-down list are not supported by the instance types that you select.
You must set the logon type if you select Install the CloudMonitor Agent on ECS Nodes or Enable Log Service.
Step 4: Configure components
Click Next:Component Configurations to configure the basic settings and advanced settings of cluster components.
Specify whether to install the CloudMonitor agent. After you install the CloudMonitor agent on ECS nodes, you can view the monitoring information about the nodes in the CloudMonitor console.
This parameter takes effect only on newly added nodes and does not take effect on existing nodes. If you want to install the CloudMonitor agent on an existing ECS node, go to the CloudMonitor console.
Specify whether to enable Simple Log Service. You can select an existing Simple Log Service project or create one. By default, Enable Log Service is selected. For more information about how to quickly configure Simple Log Service when you create an application, see Collect log data from containers by using Simple Log Service.
Step 5: Confirm the cluster configurations
Click Next:Confirm Order, confirm the configurations, read and select the terms of service, and then click Create Cluster.
After the cluster is created, you can find the cluster on the Clusters page in the ACK console.
It requires about 10 minutes to create an ACK cluster that contains multiple nodes.
What to do next
View the basic information about the cluster
On the Clusters page, find the created cluster and click Details in the Actions column. On the cluster details page, click the Basic Information tab to view the basic information about the cluster and click the Connection Information tab to view information about how to connect to the cluster. The following information is displayed:
API Server Public Endpoint: the IP address and port that the API server of the cluster uses to provide services over the Internet. It allows you to manage the cluster by using kubectl or other tools on your client.
Only ACK managed clusters support the Associate EIP and Disassociate EIP features.
Associate EIP: You can select an existing EIP or create an EIP.
The API server restarts after you associate an EIP with the API server. We recommend that you do not perform operations on the cluster during the restart process.
Disassociate EIP: After you disassociate the EIP, you can no longer access the API server over the Internet.
The API server restarts after you disassociate the EIP from the API server. We recommend that you do not perform operations on the cluster during the restart process.
API Server Internal Endpoint: the IP address and port that the API server uses to provide services within the cluster. The IP address belongs to the Server Load Balancer (SLB) instance that is associated with the cluster.
View cluster logs
You can choosein the Actions column to go to the Log Center page and view the logs of the cluster.
View the information of nodes in the cluster
You can obtain the kubeconfig file of the cluster and use kubectl to connect to the cluster, and run the
kubectl get nodecommand to view the node information of the cluster.