Create an ACK managed cluster
When you use Container Service for Kubernetes (ACK) for the first time, you must grant system role permissions to your Alibaba Cloud account. This allows you to create clusters, store logs, and access other cloud services such as ECS, OSS, NAS, and SLB. This topic guides you through authorizing roles, activating related services for free, and quickly creating an ACK managed cluster.
1. Activate Container Service and authorize roles
Before you create an ACK cluster, you must activate the required services for free to prevent potential creation failures. Follow the steps below to activate the service and authorize the default service roles.
-
Activate ACK
The first time you use ACK, go to the ACK activation page. Read and agree to the Container Service for Kubernetes Terms of Service, and then click Enable Now.
In the Cluster type section, select ACK Pro or ACK Basic. If you select ACK Pro, both ACK Pro and ACK Basic are activated.
-
Authorize roles
When you log on to the Container Service console for the first time, you must authorize your Alibaba Cloud account to create default service roles for ACK. This authorization allows ACK to access other cloud resources to create, manage, and maintain clusters. Follow these steps:
Log on to the Container Service console. Click Go to RAM console to open the Resource Access Management (RAM) quick authorization page, and then click Confirm. After you complete the authorization, refresh the console.
For more information about the resource operation permissions of service roles, see ACK service roles.
2. Activate related cloud products
Using your Alibaba Cloud account, click the activation links to activate the related cloud services as needed. Only Alibaba Cloud accounts can activate cloud products. RAM users cannot activate cloud products. If you want to grant RAM users permissions to manage activated cloud products, see Authorization management FAQ.
-
Required: These services are hard dependencies for ACK clusters and must be enabled.
-
Recommended: These are common dependencies for cluster creation and application management.
-
Optional: Activate these services based on your business architecture and O&M requirements.
3. Create a cluster
When creating an ACK managed cluster, enable Auto Mode. This mode requires only simple configuration to build a cluster that follows best practices. By default, ACK creates and manages the lifecycle of a node pool. For more information, see Create an ACK cluster in Auto Mode.
If you need to specify detailed custom settings for the cluster, see the full procedure in Create an ACK managed cluster.
-
Log on to the Container Service console. On the Clusters page, click Create Kubernetes Cluster.
-
Select the ACK Managed Cluster tab and enable Auto Mode. If you want to access the cluster API server over the Internet, select Expose API server with EIP. This simplifies connecting to and managing the cluster. Then, click Confirm, review the settings, and click Create Cluster.
In quick creation mode, the default network plugin is Terway (with Trunk ENI selected), the service CIDR block is
192.168.0.0/16, the system automatically creates a VPC with Configure SNAT for VPC selected, and an enterprise-level security group.