When creating an ACK managed cluster, you can enable auto mode for streamlined deployment of Kubernetes clusters aligned with best practices. This mode triggers automated creation of a managed node pool with Container Service for Kubernetes (ACK) handling the full lifecycle management.
Before you enable auto mode, we recommend that you understand its features and scenarios. For more information, see Clusters.
Preparations
Planning and design
Before you create a cluster, we recommend that you plan and design the cluster configurations based on your requirements to ensure that the cluster runs in a stable, efficient, and secure manner.
Region: Services deployed in a region that is geographically closer to your users are more responsive when your users access the services.
Zone: We recommend that you configure multiple zones to ensure high availability of the cluster.
Plan the network of an ACK cluster: Configure the virtual private cloud (VPC) CIDR block, vSwitch CIDR block, container CIDR block, and Service CIDR block based on your business scenario and cluster size. Then, specify the IP address range of the cluster and the number of available IP addresses for pods and nodes.
Access to Internet: Specifies whether the nodes in the cluster can access the Internet. The cluster must have Internet access to pull public images.
Activation and authorization
Before you create a cluster, make sure that you activated ACK and assigned the ACK system role to your Alibaba Cloud account or RAM user. In addition, make sure that you activated cloud services such as VPC, Server Load Balancer (SLB), and NAT gateway. For more information, see Quickly create an ACK managed cluster.
If you purchase services such as CLB based on the pay-as-you-go billing method, make sure that the balance of your Alibaba Cloud account is sufficient to avoid overdue payments.
Procedure
Log on to the ACK console. In the left-side navigation pane, click Clusters.
On the Clusters page, click Create Kubernetes Cluster. On the ACK Managed Cluster page, enable Auto Mode. Configure the cluster based on the Configuration description section and the on-screen instructions. After clicking Confirm, confirm the cluster configurations and dependency check status, and read the service agreement.
Only ACK managed Pro clusters support Auto Mode. Cluster management fees and fees for related cloud services (such as Service A) are generated. You can view the total fees at the bottom of the cluster creation page. You can also view the billing documentation of ACK and other services. For more information, see Billing overview and Cloud resource fee.
You can click Generate API Request Parameters in the upper-left corner of the page to generate Terraform or SDK sample parameters for the cluster configurations.
After the cluster is created, the system automatically creates an intelligent managed node pool. This node pool automatically scales in and out based on the workloads. ACK manages the lifecycle of the nodes and is responsible for O&M tasks, such as operating system version upgrades, software version upgrades, and vulnerability fixes.
When ACK creates the cluster, ACK installs components based on the cluster configurations. The components may occupy compute resources in the cluster. The intelligent managed node pool automatically scales out to meet the resource requirements of the components.
Configuration description
You can create a cluster based on the default configuration or adjust the configuration based on your business requirements and account resources. The Modifiable column of the table indicates whether a parameter can be modified after the cluster is created. Pay attention to the parameters that cannot be modified.
Network configurations
Parameter | Description | Modifiable |
VPC | Configure the VPC of the cluster. You can specify a zone to automatically create a VPC. You can also select an existing VPC in the VPC list. | |
Configure SNAT | If the VPC that you created or selected cannot access the Internet, you can select this check box. This way, ACK automatically creates a NAT gateway and configures SNAT rules. If you do not select this check box, you can manually configure a NAT gateway and configure SNAT rules to ensure that instances in the VPC can access the Internet. For more information, see Create and manage an Internet NAT gateway. | |
vSwitch | Select an existing vSwitch from the vSwitch list or click Create vSwitch to create a vSwitch. The control plane and the default node pool use the vSwitch that you select. We recommend that you select multiple vSwitches in different zones to ensure high availability. | |
Access to API Server | Create a pay-as-you-go internal-facing Classic Load Balancer (CLB) instance for the API server to serve as the internal endpoint of the API server in the cluster. The API server provides multiple HTTP-based RESTful APIs, which can be used to create, delete, modify, query, and monitor resources such as pods and Services. You can select or clear Expose API server with EIP. | |
Network Plug-in | Flannel and Terway are supported. For more information about the comparison between Terway and Flannel, see Comparison between Terway and Flannel. | |
Pod vSwitch | Configure this parameter only if you select Terway as the network plug-in. The vSwitch that is used to assign IP addresses to pods. Each pod vSwitch corresponds to a vSwitch of a worker node. The vSwitch of the pod and the vSwitch of the worker node must be in the same zone. Important We recommend that you set the subnet mask of the CIDR block of a pod vSwitch to no longer than 19 bits, but the subnet mask must not exceed 25 bits. Otherwise, the cluster network has only a limited number of IP addresses that can be allocated to the pods. As a result, the cluster may not function as expected. | |
Container CIDR Block | Configure this parameter only if you select Flannel as the network plug-in. The container CIDR block must not overlap with the CIDR block of the VPC, the CIDR blocks of the ACK clusters in the VPC, or the Service CIDR block. The container CIDR block cannot be modified after it is specified. For more information about how to plan CIDR blocks for a cluster, see Network planning of an ACK managed cluster. | |
Number of Pods per Node | Configure this parameter only if you select Flannel as the network plug-in. The maximum number of pods that can run on a single node. | |
Service CIDR | Specify the CIDR block of Services in the cluster. The Service CIDR block must not overlap with the CIDR block of the VPC, the CIDR blocks of the ACK clusters in the VPC, or the pod CIDR block. The Service CIDR block cannot be modified after it is specified. For more information about how to plan CIDR blocks for a cluster, see Network planning of an ACK managed cluster. | |
Service Discovery Mode | iptables and IP Virtual Server (IPVS) are supported. | |
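The overlap and mask rules in the Pod vSwitch, Container CIDR Block and Service CIDR rows can be checked before the cluster is created, because those blocks cannot be changed afterwards. The following Python script is an added example, not part of the ACK documentation or tooling; the function name, its parameters and all sample CIDR blocks are assumptions constructed for illustration.

```python
import ipaddress

# Limits quoted from the Pod vSwitch row: a mask of at most 19 bits is
# recommended, and the mask must not exceed 25 bits.
RECOMMENDED_PREFIX, MAX_PREFIX = 19, 25

def check_network_plan(plugin, vpc, service, container=None,
                       pod_vswitches=(), other_clusters=()):
    """Return findings for a planned cluster network; an empty list means it passes."""
    net = ipaddress.ip_network  # strict parsing: rejects blocks with host bits set
    findings = []
    vpc_net, svc_net = net(vpc), net(service)
    reserved = [("VPC CIDR", vpc_net)]
    reserved += [("existing cluster CIDR", net(c)) for c in other_clusters]

    def no_overlap(name, block, against):
        for label, other in against:
            if block.overlaps(other):
                findings.append(f"ERROR: {name} {block} overlaps {label} {other}")

    no_overlap("Service CIDR", svc_net, reserved)
    if plugin == "flannel":
        if container is None:
            findings.append("ERROR: Flannel needs a container CIDR block")
        else:
            no_overlap("container CIDR", net(container),
                       reserved + [("Service CIDR", svc_net)])
    elif plugin == "terway":
        # Assumption: pod vSwitches lie inside the VPC, so the Service/VPC
        # check above also covers Service/pod overlap.
        for cidr in pod_vswitches:
            block = net(cidr)
            if block.prefixlen > MAX_PREFIX:
                findings.append(f"ERROR: pod vSwitch {block} mask exceeds {MAX_PREFIX} bits")
            elif block.prefixlen > RECOMMENDED_PREFIX:
                findings.append(f"ADVISORY: pod vSwitch {block} mask is longer than "
                                f"the recommended {RECOMMENDED_PREFIX} bits")
    else:
        findings.append(f"ERROR: unknown network plug-in {plugin!r}")
    return findings

if __name__ == "__main__":
    # Constructed sample plans, not values from the ACK documentation.
    print(check_network_plan("flannel", "192.168.0.0/16", "172.20.8.0/21",
                             container="172.20.0.0/16"))
    print(check_network_plan("terway", "192.168.0.0/16", "172.21.0.0/20",
                             pod_vswitches=["192.168.32.0/19", "192.168.64.0/26"]))
```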
Advanced options
What to do next
Appendix
Shared responsibility model
The auto mode of ACK managed clusters aims to provide automated and intelligent Kubernetes cluster O&M functions to reduce your effort in Kubernetes cluster O&M. In some scenarios, you must fulfill some responsibilities.
Alibaba Cloud responsibilities | Customer responsibilities | Shared responsibilities |
Quotas and limits
If the cluster size is large or the account has a large number of resources, follow the quotas and limits specified for ACK clusters. For more information, see Quotas and limits.
Limits: ACK configuration limits, such as account balance and capacity limit of a cluster, which is the maximum capacity of different Kubernetes resources in a cluster.
Quota limits and how to increase quotas: Quota limits for ACK clusters and the quota limits of cloud services that ACK depends on, such as ECS or VPC. If you want to increase the quota, see the related topics.