Virtual nodes let you schedule pods directly to Elastic Container Instance (ECI) without provisioning or maintaining node pools. This page explains how virtual nodes work, when to use them, and what their limitations are.
Virtual nodes are available in ACK Edge clusters running Kubernetes V1.28 or later.
How it works
In a standard ACK cluster, the kubelet schedules pods to ECS nodes in a node pool. Scaling out means waiting for new ECS instances to start — a process that takes minutes and can leave you with idle capacity during off-peak hours.
Virtual nodes remove this layer. A virtual node encapsulates compute resources by using the ack-virtual-node component, allowing you to deploy workloads without worrying about the underlying infrastructure. ECI is a serverless container service where each elastic container instance maps to one pod. To deploy applications, you only need to provide a container image and pay for the resources your containers consume.
With this architecture, you skip node provisioning entirely. Provide a container image, and ECI handles the rest. You pay only for the resources your containers consume.
Benefits
Virtual nodes eliminate the infrastructure management that normally comes with handling variable workloads. With virtual nodes, you no longer need to:
-
Select instance types or size node pools: No capacity planning required. Pods are created on demand and billed pay-as-you-go. When a pod terminates, billing stops.
-
Perform node O&M: No OS updates, security patches, or node-level maintenance.
-
Reserve resources for peak traffic: Scale to 50,000 pods in a single cluster without advance planning.
ImportantIf your pods are associated with many Services, keep the pod count below 20,000.
-
Wait minutes for new capacity: Spin up thousands of pods within a short period of time to absorb traffic spikes.
-
Manage cross-instance isolation: Each elastic container instance runs in a lightweight virtual sandbox, isolated from other instances.
Use cases
| Use case | Why virtual nodes fit |
|---|---|
| Online businesses (e-commerce, online education) | Handle traffic spikes instantly without over-provisioning for peak hours. |
| Data processing (Spark, Presto) | Deploy thousands of pods for big data jobs and pay only for what you use. |
| AI jobs (model training, inference) | Skip long-term resource reservations. Resources are deployed on demand and billed on a per-second basis. Scale compute within seconds for unexpected jobs. |
| CI/CD testing (CI packaging, stress tests, simulation tests) | Create and release container instances on demand. Per-second billing keeps batch test costs low. |
| Jobs and CronJobs | Billing stops automatically when Jobs or CronJobs complete and their pods are deleted. |
Limitations
Before using virtual nodes, check that your workloads are compatible.
| Capability | Supported | Notes |
|---|---|---|
| DaemonSets | No | Use sidecar containers instead. |
HostPath volumes in pod manifests |
No | |
HostNetwork in pod manifests |
No | |
| Privileged containers | No | Use a security context to add capabilities to a pod. The privileged container feature is in internal preview — submit a ticket to request access. |
| NodePort Services | No | |
| Session affinity | No | |
| China South Finance region | No | |
| Alibaba Gov Cloud region | No | |
| ARM-based virtual nodes | Yes | |
| Windows virtual nodes | Yes | In invitational preview. |
Billing
The virtual node feature itself is free. The following charges apply when you use it:
-
ACK cluster management fee: Charged for the ACK cluster.
-
Elastic Container Instance: Charged for the resources consumed by pods running on ECI.
-
Supporting services: Virtual Private Cloud (VPC) and Server Load Balancer (SLB) are billed separately.
For ECI pricing details, see Billing overview.
Quick start
To schedule your first pod to a virtual node, see Schedule pods to elastic container instances.
What's next
Before upgrading your cluster, make sure your ECI platform version is compatible with the target Kubernetes version. If incompatible ECI-based pods exist, delete and recreate them before upgrading. For details, see Update Elastic Container Instance platform version.
| Task | Description | Reference |
|---|---|---|
| Configure pods in bulk | Create an eci-profile ConfigMap to configure security groups and zones for ECI-based pods. Changes apply immediately to new pods and after a rolling update for existing pods. |
Configure an eci-profile |
| Customize pod behavior with annotations | Use pod annotations to specify ECI instance types, enable image cache, assign IPv6 addresses, or expand temporary storage. | ECI pod annotations |
| Choose a scheduling policy | Schedule pods exclusively to virtual nodes, fall back to virtual nodes when ECS resources are unavailable, or mix ECS and ECI scheduling. | Schedule a pod to a virtual node |
| Enable virtual node scheduling for a cluster | Configure the cluster-level scheduling policy to route pods to virtual nodes. | Enable the virtual node-based pod scheduling policy for an ACK cluster |
| Schedule pods to ECI | Follow a step-by-step guide to schedule pods to elastic container instances. | Schedule pods to elastic container instances |
| Use ACS computing power | Access ACS computing power through an ACK managed cluster Pro edition. | Use ACS computing power through ACK managed cluster Pro edition |
| Mix ECS and ECI resource allocation | Configure scheduling to split workloads across ECS instances and elastic container instances. | Configure resource allocation based on ECS instances and elastic container instances |
| Spread pods across zones | Configure zone affinity for ECI-based pods to improve availability. | Spread Elastic Container Instance-based pods across zones and configure affinities |
| Use ARM-based virtual nodes | By default, ACK clusters schedule workload pods to x86-based virtual nodes. Pods become pending when x86 nodes are insufficient. Schedule workloads to ARM-based virtual nodes to handle these cases. | Schedule workloads to ARM-based virtual nodes |
| Use Windows virtual nodes | Add Windows virtual nodes to the cluster and schedule pods to them. | (In invitational preview) Schedule pods to run on Windows virtual nodes |
| Run Jobs on virtual nodes | Handle peak compute demand by running Jobs on virtual nodes without creating new nodes. | Use an elastic container instance to run a Job |
| Run Spark jobs on ECI | Configure scheduling policies to run Spark workloads on ECI and pay only for resources used. | Use elastic container instances to run Spark jobs |
| Inject sidecar containers | Use the ACK Virtual Node component to automatically inject sidecar containers into pods on virtual nodes. | Inject sidecar containers into pods on virtual nodes |
| Monitor virtual nodes | Modify Prometheus monitoring configurations to collect metrics from specific virtual nodes. | Collect the metrics of the specified virtual node |
| Configure service discovery | Enable service discovery (intranet, headless, and ClusterIP services) on virtual nodes using Alibaba Cloud DNS PrivateZone. | Service discovery on virtual nodes based on Alibaba Cloud DNS PrivateZone |
| Review FAQs | Find answers to common questions about virtual nodes. | FAQs about virtual nodes |