All Products
Search

This Product

    Container Service for Kubernetes:Use CloudBox resources in an ACK cluster

    Document Center

    Container Service for Kubernetes:Use CloudBox resources in an ACK cluster

    Last Updated:Apr 02, 2025

    CloudBox is a fully managed cloud service. It integrates the hardware and software of Alibaba Cloud public cloud, such as computing, storage, and network, into your on-premises data center to meet specific business requirements, including data security, on-premises data processing, and low latency. You can create a CloudBox node pool in a Container Service for Kubernetes (ACK) cluster to use the resources that are deployed in the CloudBox.

    Prerequisites

    • A CloudBox is created, resources are purchased, CloudBox acceptance is completed, and the CloudBox runs as normal. For more information about the billing and specifications of computing resources deployed in a CloudBox, see Compute SKU specifications.

    • The CloudBox is connected to the public cloud over a highly-available and low-latency connection. To ensure a better user experience, we recommend that you create a connection whose bandwidth is 50 Mbit/s or higher. For more information, see Deployment requirements.

    • A vSwitch is created in the zone of the CloudBox. For more information, see Create and manage a vSwitch.

    Limits

    Region limits

    The ACK cluster that needs to use CloudBox resources and the CloudBox must be deployed in the same region.

    Network limits

    • You cannot create Application Load Balancer (ALB) instances or Internet NAT gateways in the zone of the CloudBox for the ACK cluster. You can create an Internet NAT gateway in a zone of the public cloud.

    • You cannot associate elastic IP addresses (EIPs) with pods, Server Load Balancer (SLB) instances, or worker nodes that are deployed in the CloudBox.

    Cluster network mode limits

    Only ACK clusters that use the Flannel network plug-in support CloudBox resources. ACK clusters that use the Terway network plug-in do not support CloudBox resources.

    Service limits

    • When you create a LoadBalancer Service in the CloudBox, you need to specify the zone of the CloudBox for the Service. For more information, see Add annotations to the YAML file of a Service to configure CLB instances.

    • LoadBalancer Services in the CloudBox can be associated only with ECS instances that are deployed in the same CloudBox. LoadBalancer Services in the public cloud can be associated only with ECS instances that are deployed on the public cloud.

    Node and node pool limits

    • You cannot create ECS instances that use encrypted disks or preemptible instances as worker nodes in the zone of the CloudBox.

    • Node pools that use CloudBox resources and have auto scaling enabled do not support policies related to preemptible instances.

    Usage notes

    When the connection between the CloudBox and public cloud is interrupted, the ECS nodes added from the CloudBox to the ACK cluster can still work as normal. However, you cannot manage the workloads deployed on these nodes or add new ECS nodes from the CloudBox to the ACK cluster. In this scenario, we recommend that you check the network of the CloudBox and restore the connection at the earliest opportunity.

    When you use CloudBox resources in an ACK managed cluster, the control planes of the ACK managed cluster run in the zones of the public cloud. When the network of the CloudBox is interrupted, the nodes in the CloudBox are disconnected from the control planes of the ACK managed cluster. This causes the following issues:

    • The nodes time out and the status of the nodes changes to Not Ready.

    • The status of the pods changes to Unhealthy.

    • Pods are evicted from the nodes.

    • The backend nodes of the LoadBalancer Service are removed.

    • The endpoints of the Services change.

    Procedure

    You can create a CloudBox node pool in an ACK dedicated cluster or ACK managed cluster to use the resources that are deployed in the CloudBox.

    (Recommended) In an ACK dedicated cluster

    Important

    The creation of ACK dedicated clusters is disabled. Submit a ticket to make a request.

    You can perform the following steps to create control planes and node pools in the zone of the CloudBox.

    1. Log on to the ACK console. In the left-side navigation pane, click Clusters.

    2. On the Clusters page, click Create Kubernetes Cluster.

    3. Click the ACK dedicated cluster tab to create an ACK dedicated cluster. The following table describes the key parameters on the Cluster Configurations wizard page. For more information about how to configure other parameters, see Create an ACK dedicated cluster (discontinued).

      Parameter

      Description

      Region

      Select the region of the CloudBox.

      Network Plug-in

      By default, Flannel is selected.

      vSwitch

      Select a vSwitch in the zone of the CloudBox.

      Configure SNAT

      Clear the Configure SNAT for VPC check box.

      Expose API Server with EIP

      Do not select Expose API Server with EIP.

    4. Click Next:Confirm Order, confirm the configurations, read and select the terms of service, and then click Create Cluster.

      After the cluster is created, you can find the cluster on the Clusters page in the ACK console.

    In an ACK managed cluster

    You can perform the following steps to create a node pool that contains ECS instances deployed in the CloudBox.

    1. Log on to the ACK console. In the left-side navigation pane, click Clusters.

    2. On the Clusters page, click Create Kubernetes Cluster.

    3. Click the ACK managed cluster tab to create an ACK managed cluster. The following table describes the key parameters. For more information about how to configure other parameters, see Create an ACK managed cluster.

      Wizard page

      Parameter

      Description

      Cluster Configurations

      Region

      Select the region of the CloudBox.

      Network Plug-in

      By default, Flannel is selected.

      vSwitch

      Select a vSwitch deployed in a zone of the public cloud.

      Node Pool Configurations

      Quantity

      The node pool created in this step contains only nodes that are deployed in the zones of the public cloud. You can specify the number of nodes when you create the node pool.

      Note

      If you do not require nodes that are deployed in the zones of the public cloud, set the number of nodes to 0. Then, create a node pool that contains nodes from the CloudBox after the ACK cluster is created.

    4. Click Next:Confirm Order, confirm the configurations, read and select the terms of service, and then click Create Cluster.

      It requires about 10 minutes to create an ACK cluster with multiple nodes.

    5. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.

    6. In the left-side navigation pane of the details page, choose Nodes > Node Pools.

    7. In the upper-right corner of the Node Pools page, click Create Node Pool. In the Create Node Pool dialog box, set vSwitch to a vSwitch in the zone of the CloudBox. For more information about other parameters, see Create and manage a node pool.

    8. Click Confirm Order.

      On the Node Pools page, check the Status column of the node pool. If the node pool is in the Initializing state, the node pool is being created. After the node pool is created, the Status column of the node pool displays Active.