Get started with Container Service for Kubernetes (ACK) by activating the service, authorizing service roles, and creating your first managed cluster. By the end of this guide, you will have a running ACK managed cluster ready for application deployment.
Prerequisites
Before you begin, ensure that you have:
-
An Alibaba Cloud account with billing enabled
-
(Optional) Familiarity with Kubernetes concepts such as clusters and nodes
Step 1: Activate ACK and authorize service roles
Activate ACK
Log on to the ACK activation page, read and select Terms of Service, and click Activate Now.
Authorize service roles
ACK requires service roles to call Alibaba Cloud APIs on your behalf — for cluster creation, log collection, network configuration, and other operations.
Log on to the ACK console. When prompted, click Go To RAM console to open the Resource Access Management (RAM) quick authorization page, then click Authorize. After authorization completes, refresh the console.
For details on what each service role can access, see ACK service roles.
Step 2: Activate cloud services
ACK clusters depend on several Alibaba Cloud services. Activate them before creating a cluster.
Only Alibaba Cloud accounts can activate cloud products. RAM users are not supported. To grant RAM users access to already-activated products, see Authorization management FAQ.
Required
These services must be active for an ACK cluster to function.
| Service | Purpose |
|---|---|
| Virtual Private Cloud (VPC) | Provides the private network and routing for your cluster |
| Server Load Balancer (SLB) | Distributes traffic to cluster nodes; prevents single points of failure; increases application throughput and improves service availability |
| Auto Scaling | Automatically adds or removes worker nodes as workload changes |
Recommended
Activate these services if you want monitoring, image management, storage, or serverless workloads.
| Service | Activate if you need to... |
|---|---|
| NAT Gateway | Enable Internet access for clusters and pull container images over the internet |
| Apsara File Storage NAS | Mount shared persistent file storage across multiple pods; benefits include shared access, elastic storage, high reliability, and high performance |
| Simple Log Service | Collect and query logs from ACK components and your applications |
| Managed Service for Prometheus | Monitor cluster health and receive alerts on anomalies |
| Container Registry | Store and manage container images with full lifecycle management |
| Elastic Container Instance | Run serverless elastic container instances on virtual nodes |
| Service Mesh | Manage traffic uniformly across multiple ACK clusters |
| CloudMonitor | Monitor node and application status across your clusters |
Optional
Activate these services based on your security, storage, or compliance requirements.
| Service | Activate if you need to... |
|---|---|
| Security Center | Detect and alert on runtime security events in your cluster |
| Object Storage Service (OSS) | Store application data in durable, cost-effective object storage |
| Key Management Service (KMS) | Manage and encrypt Kubernetes Secrets in ACK Pro clusters |
| Alibaba Cloud DNS PrivateZone | Resolve private domain names to IPs within your VPC |
| Cloud Backup | Back up cluster data and enable disaster recovery |
Step 3: Create a cluster
ACK offers two paths for cluster creation. Choose based on your goal:
| Path | Best for |
|---|---|
| Auto Mode (recommended) | Getting started quickly — ACK configures best-practice defaults and manages node lifecycle automatically |
| Custom configuration | Production clusters requiring specific network, storage, or node configurations |
This guide uses Auto Mode. For custom configuration, see Create an ACK managed cluster.
To create a cluster using Auto Mode:
-
Log on to the Container Service console. On the Clusters page, click Create Kubernetes Cluster.
-
Select the ACK Managed Cluster tab and enable Auto Mode. To connect to the cluster from outside Alibaba Cloud (for example, from your local machine during testing), select Expose API server with EIP. Click Confirm, review the selected configuration, and click Create Cluster.
ACK creates a managed cluster with a default intelligent managed node pool. Node provisioning and lifecycle management are handled automatically.
For more details on Auto Mode, see Create an ACK managed cluster (intelligent managed mode).
What's next
With your cluster running, deploy a workload or explore ACK's management capabilities:
-
Deploy an application — Use kubectl or the ACK console to deploy your first containerized application
-
Configure monitoring — Set up Managed Service for Prometheus or CloudMonitor to observe cluster health
-
Manage access — Create RAM users and grant them cluster-level permissions
-
Scale your cluster — Configure Auto Scaling policies to handle traffic spikes automatically