To accommodate the need for adjusting control plane parameters in a production environment, Container Service for Kubernetes offers a feature for customizing control plane parameters. You can modify parameters of core managed components such as kube-apiserver, kube-controller-manager (KCM), cloud-controller-manager (CCM), and kube-scheduler according to your needs. This topic explains how to customize control plane parameters in the Container Service Management Console.
Considerations
-
Currently, only ACK managed cluster Pro edition, ACK Serverless cluster Pro edition, ACK Edge cluster Pro edition, and ACK Lingjun cluster support the customization of certain core control plane component parameters. For a list of customizable parameters, see Default Parameters List. For more details, consult the console interface. Some parameters are only supported in specific versions of clusters. If a cluster upgrade is required, see Manually Upgrade a Cluster.
-
After customizing the parameters, the control plane will restart. It is advisable to perform this operation during off-peak hours.
-
Customizing parameters will overwrite the default settings provided by the original cluster, rendering them invalid. When setting custom parameters, ensure they are accurate and complete. Incorrect parameters may prevent the control plane from starting. For detailed parameter guidance, refer to the Kubernetes official documentation based on your cluster version: kube-apiserver, kube-controller-manager, kube-scheduler.
Customize control plane component parameters
The process for customizing parameters is similar across different components. The following steps illustrate how to customize the parameters of kube-apiserver.
Log on to the ACK console. In the left-side navigation pane, click Clusters.
On the Clusters page, find the cluster that you want to manage and click its name. In the left-side navigation pane, choose .
-
In the Core Components area, find the target component, and then click Configuration in the lower-right corner of the card.
-
In the Kube API Server Parameter Configuration dialog box, enter your custom parameters, ensuring they are complete and correct, and then click OK.
Default parameters list
ACK managed cluster Pro edition
Component Name | Parameter | Parameter Description |
Kube API Server | enableAdmissionPlugins | By default, this field is left empty. |
serviceNodePortRange | Valid values: 10000 to 65535. By default, this parameter is left empty. Important Exercise caution when you modify the node port range. Ensure that the node port range does not conflict with the port range of the | |
requestTimeout | By default, this field is left empty. | |
defaultNotReadyTolerationSeconds | By default, this field is left empty. | |
defaultUnreachableTolerationSeconds | By default, this field is left empty. | |
maxMutatingRequestsInflight | Valid values: 1 to 1000. By default, this parameter is left empty. | |
maxRequestsInflight | Valid values: 1 to 3000. By default, this parameter is left empty. | |
featureGates | Optional parameters include Note
| |
oidcIssuerURL | By default, this field is left empty. Supported in Kubernetes 1.18 and later. Important
| |
oidcClientId | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcUsernameClaim | The default value is | |
oidcUsernamePrefix | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcGroupsPrefix | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcGroupsClaim | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcRequiredClaim | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcCAContent | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
hostAliases | By default, this field is left empty. Supported in Kubernetes 1.26 and later. | |
enableTrace | By default, this field is left empty. Supported in Kubernetes 1.28 and later. | |
samplingRatePerMillion | ||
Kube Controller Manager | horizontalPodAutoscalerSyncPeriod | By default, this field is left empty. |
horizontalPodAutoscalerTolerance | By default, this field is left empty. | |
concurrentTTLAfterFinishedSyncs | By default, this field is left empty. | |
concurrentHorizontalPodAutoscalerSyncs | By default, this field is left empty. Supported in Kubernetes 1.26 and later. | |
largeClusterSizeThreshold | By default, this field is left empty. | |
unhealthyZoneThreshold | By default, this field is left empty. | |
secondaryNodeEvictionRate | By default, this field is left empty. | |
nodeEvictionRate | By default, this field is left empty. | |
terminatedPodGCThreshold | By default, this field is left empty. | |
kubeAPIQPS | Valid values: 1 to 1000. By default, this parameter is left empty. | |
kubeAPIBurst | Valid values: 1 to 1000. By default, this parameter is left empty. | |
concurrentCSRSyncs | By default, this field is left empty. Supported in Kubernetes 1.32 and later. | |
concurrentNodeTaintSyncs | By default, this field is left empty. Supported in Kubernetes 1.32 and later. | |
featureGates | The optional parameter is | |
Cloud Controller Manager | routeTableIDs | By default, this field is left empty. If there are multiple route tables in the VPC, you can manually set CCM to support multiple route table IDs, separated by commas (,), for example, |
Kube Scheduler | For information about customizing parameters through Kube Scheduler, see Customize Scheduler Parameters. | |
ACK Serverless cluster Pro edition
Component Name | Parameter | Parameter Description |
Kube API Server | enableAdmissionPlugins | By default, this field is left empty. |
requestTimeout | By default, this field is left empty. | |
defaultNotReadyTolerationSeconds | By default, this field is left empty. | |
defaultUnreachableTolerationSeconds | By default, this field is left empty. | |
maxMutatingRequestsInflight | Valid values: 1 to 1000. By default, this parameter is left empty. | |
maxRequestsInflight | Valid values: 1 to 3000. By default, this parameter is left empty. | |
featureGates | Optional parameters include Note
| |
oidcIssuerURL | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcClientId | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcUsernameClaim | The default value is | |
oidcUsernamePrefix | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcGroupsPrefix | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcGroupsClaim | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcRequiredClaim | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcCAContent | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
Kube Controller Manager | horizontalPodAutoscalerSyncPeriod | By default, this field is left empty. |
horizontalPodAutoscalerTolerance | By default, this field is left empty. | |
concurrentTTLAfterFinishedSyncs | By default, this field is left empty. | |
kubeAPIQPS | Valid values: 1 to 1000. By default, this parameter is left empty. | |
kubeAPIBurst | Valid values: 1 to 1000. By default, this parameter is left empty. | |
featureGates | The optional parameter is | |
Kube Scheduler | Multiple parameters. Currently open in the whitelist. | For information about customizing parameters through Kube Scheduler, see Customize Scheduler Parameters. |
ACK edge cluster Pro edition
Component Name | Parameter | Parameter Description |
Kube API Server | enableAdmissionPlugins | By default, this field is left empty. |
serviceNodePortRange | Valid values: 10000 to 65535. By default, this parameter is left empty. Important Exercise caution when you modify the node port range. Ensure that the node port range does not conflict with the port range of the | |
requestTimeout | By default, this field is left empty. | |
defaultNotReadyTolerationSeconds | By default, this field is left empty. | |
defaultUnreachableTolerationSeconds | By default, this field is left empty. | |
maxMutatingRequestsInflight | Valid values: 1 to 1000. By default, this parameter is left empty. | |
maxRequestsInflight | Valid values: 1 to 3000. By default, this parameter is left empty. | |
featureGates | Optional parameters include Note
| |
oidcIssuerURL | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcClientId | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcUsernameClaim | The default value is | |
oidcUsernamePrefix | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcGroupsPrefix | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcGroupsClaim | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcRequiredClaim | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcCAContent | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
Kube Controller Manager | horizontalPodAutoscalerSyncPeriod | By default, this field is left empty. |
concurrentTTLAfterFinishedSyncs | By default, this field is left empty. | |
largeClusterSizeThreshold | By default, this field is left empty. | |
unhealthyZoneThreshold | By default, this field is left empty. | |
secondaryNodeEvictionRate | By default, this field is left empty. | |
nodeEvictionRate | By default, this field is left empty. | |
podEvictionTimeout | By default, this field is left empty. | |
kubeAPIQPS | Valid values: 1 to 1000. By default, this parameter is left empty. | |
kubeAPIBurst | Valid values: 1 to 1000. By default, this parameter is left empty. | |
featureGates | The optional parameter is | |
Cloud Controller Manager | routeTableIDs | By default, this field is left empty. If there are multiple route tables in the VPC, you can manually set CCM to support multiple route table IDs, separated by commas (,), for example, |
Kube Scheduler | For information about customizing parameters through Kube Scheduler, see Customize Scheduler Parameters. | |
Ack Lingjun cluster
Component Name | Parameter | Parameter Description |
Kube API Server | enableAdmissionPlugins | By default, this field is left empty. |
serviceNodePortRange | Valid values: 10000 to 65535. By default, this parameter is left empty. Important Exercise caution when you modify the node port range. Ensure that the node port range does not conflict with the port range of the | |
requestTimeout | By default, this field is left empty. | |
defaultNotReadyTolerationSeconds | By default, this field is left empty. | |
defaultUnreachableTolerationSeconds | By default, this field is left empty. | |
maxMutatingRequestsInflight | Valid values: 1 to 1000. By default, this parameter is left empty. | |
maxRequestsInflight | Valid values: 1 to 3000. By default, this parameter is left empty. | |
featureGates | Optional parameters include Note
| |
oidcIssuerURL | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcClientId | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcUsernameClaim | The default value is | |
oidcUsernamePrefix | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcGroupsPrefix | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcGroupsClaim | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcRequiredClaim | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
oidcCAContent | By default, this field is left empty. Supported in Kubernetes 1.18 and later. | |
Kube Controller Manager | horizontalPodAutoscalerSyncPeriod | By default, this field is left empty. |
horizontalPodAutoscalerTolerance | By default, this field is left empty. | |
concurrentTTLAfterFinishedSyncs | By default, this field is left empty. | |
largeClusterSizeThreshold | By default, this field is left empty. | |
unhealthyZoneThreshold | By default, this field is left empty. | |
secondaryNodeEvictionRate | By default, this field is left empty. | |
nodeEvictionRate | By default, this field is left empty. | |
podEvictionTimeout | By default, this field is left empty. | |
kubeAPIQPS | Valid values: 1 to 1000. By default, this parameter is left empty. | |
kubeAPIBurst | Valid values: 1 to 1000. By default, this parameter is left empty. | |
featureGates | The optional parameter is | |
Cloud Controller Manager | routeTableIDs | By default, this field is left empty. If there are multiple route tables in the VPC, you can manually set CCM to support multiple route table IDs, separated by commas (,), for example, |
Kube Scheduler | For information about customizing parameters through Kube Scheduler, see Customize Scheduler Parameters. | |