All Products
Document Center

Container Service for Kubernetes:Create a registered cluster in the ACK console

Last Updated:Aug 11, 2023

This feature allows you to create a registered cluster and connect the registered cluster to a cluster that is deployed in a data center or on a third-party cloud. This way, you can manage your clusters in the ACK console in a centralized manner. This topic describes how to create a registered cluster and register an external cluster in the ACK console.



  1. Create a registered cluster.

    1. Log on to the ACK console. In the left-side navigation pane, click Clusters.

    2. In the upper-right corner of the Clusters page, click Create Kubernetes Cluster.

    3. On the Register Cluster tab, set the parameters.



      Cluster Name

      Enter a name for the cluster.


      The name must be 1 to 63 characters in length, and can contain digits, letters, hyphens (-), and underscores (_). The name cannot start with an underscore (_).

      Resource Group

      Move the pointer over All Resources at the top of the page and select the resource group that you want to use. After you select a resource group, virtual private clouds (VPCs) and vSwitches that belong to the resource group are displayed. When you create a cluster, only the VPCs and vSwitches that belong to the selected resource group are displayed in the console. Resource Group


      Select a region to deploy the cluster.


      Select a virtual private cloud (VPC) from the drop-down list.

      Network Plug-in

      If you select Disable, node pools are not used to scale computing resources. In this case, network plug-ins are not required.

      If you select Terway and IPVLAN, IPVLAN and Extended Berkeley Packet Filter (eBPF) are used to implement network interface controller (NIC) virtualization and sharing. In this case, you must use the Alibaba Cloud Linux 2 operating system.


      Select node vSwitches that belong to the specified VPC.

      Service CIDR

      This parameter is required if you select Terway for Network Plug-in.

      Use the default value unless you have specific requirements.

      Access to API Server

      By default, an internal-facing SLB instance is created for the Kubernetes API server of the cluster. You can modify the specification of the SLB instance. For more information, see Instance specifications.


      If you delete the SLB instance, you cannot access the API server of the cluster.

      Associate EIP

      Specify whether to associate an elastic IP address (EIP) with the cluster. If you select this check box, an EIP is automatically created and associated with the cluster.


      If the cluster is connected to Alibaba Cloud over the Internet, you must select this option. You do not need to select this option if the cluster is connected to Alibaba Cloud over an Express Connect circuit.

      Security Group

      You can select Create Basic Security Group, Create Advanced Security Group, or Select Existing Security Group. For more information about security groups, see Overview.

      • To enable the Select Existing Security Group option, apply to be added to the whitelist in Quota Center.

      • If you select an existing security group, the system does not automatically configure security group rules. This may cause errors when you access the nodes in the cluster. You must manually configure security group rules. For more information, see Configure security group rules to enforce access control on ACK clusters.

      Deletion Protection

      Specify whether to enable deletion protection for the cluster. Deletion protection prevents the cluster from being deleted in the console or by calling the API. This prevents user errors.


      Add labels to the cluster. Enter a key and a value, and then click Add.

      • Key is required. Value is optional.

      • Keys are not case-sensitive. A key must be 1 to 64 characters in length, and cannot start with aliyun, acs:, http://, or https://.

      • Values are not case-sensitive. A value must be 1 to 128 characters in length, and cannot start with aliyun, acs:, http://, or https://. The Value parameter can be left empty.

      • The keys of labels that are added to the same resource must be unique. If you add a label with a used key, the label overwrites the label that uses the same key.

      • If you add more than 20 labels to a resource, all labels become invalid. You must remove excess labels for the remaining labels to take effect.

      Terms of Service

      Read and select Terms of Service and Disclaimer.

    4. On the right of the page, click Create Cluster.

      You can find the newly created cluster on the Clusters page.集群列表

  2. Register a cluster.

    1. On the Clusters page, select the newly created cluster and click Details in the Actions column. In this example, select the cluster named test-external-cluster1.

    2. On the details page of the cluster, click the Connection Information tab.

    3. In the Agent for Connecting to the Cluster section, click the Public Network or Internal Network tab based on your business requirements and then click Copy on the right side. Create a YAML file and paste the copied code to the file. Then, use kubectl to execute the file and register the external cluster.

      For example, you can create a file named agent.yaml and paste the copied code to the agent.yaml file. Then, run the kubectl apply -f agent.yaml command in the cluster to register the cluster.


      If the cluster is connected to Alibaba Cloud over the Internet, select Public Network. If the cluster is connected to Alibaba Cloud over an internal network, select Internal Network.

    4. Run the following command in the cluster to query the status of the agent:

      kubectl -n kube-system get pod |grep ack-cluster-agent

      Expected output:

      ack-cluster-agent-5f7d568f6-6fc4k              1/1     Running   0          9s
      ack-cluster-agent-5f7d568f6-tf6fp              1/1     Running   0          9s

      After the cluster is registered, verify that the cluster is in the Running state on the Clusters page.


On the Clusters page, find the newly registered cluster and click Details in the Actions column. On the page that appears, you can view Basic Information and Connection Information about the cluster.

You can use kubeconfig to connect to the cluster and deploy applications in the cluster. For more information, see Use kubectl to connect to an ACK cluster.