Limits - Container Service for Kubernetes - Alibaba Cloud Documentation Center

This topic describes the limits that apply when you use Container Service for Kubernetes (ACK).

Overview

Before you use ACK, take note of the following limits:

You must pass real-name verification before you can create an ACK cluster.
You cannot perform the following operations on an ACK cluster after it is created:
- Change the virtual private cloud (VPC) in which the cluster resides.
- Change the cluster type from ACK managed to ACK dedicated or from ACK Pro to ACK standard.
- Change the network plug-in.
- Change the volume plug-in.
- Migrate applications across different namespaces.
The following limits apply to Elastic Compute Service (ECS) instances in ACK clusters:
- The pay-as-you-go and subscription billing methods are supported. Other resources, such as Server Load Balancer (SLB) instances, support only the pay-as-you-go billing method. You can change the billing method of an ECS instance from pay-as-you-go to subscription in the ECS console.
- When you create, expand, or scale out ACK clusters, the system may fail to create ECS nodes if the ECS quota limit is reached or ECS instances are out of stock.
- If you choose the subscription billing method for ECS instances when you create a cluster, the system may fail to create ECS nodes if the ECS quota limit is reached or ECS instances are out of stock. However, subscription instances that have been created will not be released before their subscriptions expire. You can add these instances to other clusters if needed.
  Note
  To avoid paying for idle resources, we recommend that you choose the pay-as-you-go billing method for ECS instances when you create a cluster. You can change the billing method to subscription in the ECS console if needed.
- You must select instance types that provide at least 4 vCPUs and 8 GiB of memory.
Limits on access to control plane components:
Bandwidth limits apply when you access control pane components, including kube-apiserver and etcd, of a cluster by calling API operations or by using the CLI. If you attempt to read a large number of cluster events at a time, bandwidth throttling may be triggered and you may fail to read the events. We recommend that you query cluster events by using the Kubernetes event center feature of Log Service. Alternatively, you can add paging parameters, such as --chunk-size=500, to the API request or command lines to reduce the number of events to be read per request. If you frequently encounter bandwidth throttling on an ACK standard cluster, we recommend that you migrate workloads from the cluster to an ACK Pro cluster.
For more information about the Kubernetes event center feature of Log Service, see Scenario 1: Use node-problem-detector with the Kubernetes event center of Log Service to sink cluster events.
For more information about how to migrate workloads from an ACK standard cluster to an ACK Pro cluster, see Hot migration from ACK basic clusters to ACK Pro clusters.

Resource quota limits

The resource quota limits and use scenarios for ACK Pro clusters are different from the resource limits and use scenarios for ACK standard clusters.

ACK Pro clusters are ideal for enterprise customers.
Note
If you install Terway and enable the Terway IPVLAN mode in an ACK Pro cluster, you can create at most 5,000 nodes, 50,000 pods, and 64,000 mappings between pods and Services in the cluster.
ACK standard clusters are ideal for individual developers in terms of testing and learning.

Item	ACK Pro	ACK standard
etcd storage	8 GB	2 GB
Maximum etcd storage for each type of objects	800 MB	200 MB
Node	The default is 5000 and the maximum is 10000.	10
Pod	150,000	300
Configmap	30,000	300
Secret	30,000	300
PVC	100,000	1,000
PV	100,000	1,000
Service	10,000	100
CRD	100,000	1,000

Quotas

Cluster type		Maximum number of clusters within an Alibaba Cloud account	Maximum number of node pools in a cluster^①	Maximum number of nodes in a cluster	Maximum number of pods on a node^②	Adjustable
ACK managed	Standard	2	10	10	256	N/A
ACK managed	Pro	100	100	The default is 5000 and the maximum is 10000.	256	Go to the Quota Center page to submit a ticket
ACK dedicated		5	100	1000	256	Go to the Quota Center page to submit a ticket
ACK Serverless	Standard	2	N/A	N/A	1000^③	N/A
ACK Serverless	Pro	100	N/A	N/A	The default is 10000 and the maximum is 20000.	Go to the Quota Center page to submit a ticket
ACK edge	Standard	2	10	10	256	N/A
ACK edge	Pro	100	100	1000	256	Go to the Quota Center page to submit a ticket
Registered		5	100	N/A	256	Go to the Quota Center page to submit a ticket

^①To increase the maximum number of node pools supported by a cluster, you need to submit a ticket to request a quota increase for scaling groups.

^②This quota takes effect only in Flannel network mode and cannot be increased. In Terway network mode, this quota is determined by the number of IP addresses that can be allocated by the node.

^③ACK Serverless clusters do not contain nodes. The quota indicates the maximum number of pods on a node of an ACK Serverless standard cluster and cannot be increased.

Note

This topic lists only the default quotas. To increase quotas, go to the Quota Center page and submit applications.

Quota limits on underlying cloud resources

Category	Item	Quota for general users	Adjustable
ECS	Number of Resource Orchestration Service (ROS) templates	Default: 100	Submit a ticket
	Maximum number of vCPUs of all pay-as-you-go instances	500	Submit a ticket
	High-specification pay-as-you-go instances (equipped with more than 16 vCPUs)	Unavailable for purchase. Only pay-as-you-go instances with less than 16 vCPUs can be purchased.	Submit a ticket
	Maximum number vCPUs of all preemptible instances	800	Submit a ticket
	Change the billing method of an instance from pay-as-you-go to subscription	Unavailable for the following instance families: t1, s1, s2, s3, c1, c2, m1, m2, n1, n2, and e3.	Submit a ticket
	Maximum number of ECS instances in a scaling group	2,000	Go to the Quota Center page to submit a ticket
	Operating system	Nodes that run the following operating systems can be added to an ACK cluster: Alibaba Cloud Linux CentOS 7.x Note CentOS 8.x and later are not supported. Windows Server 2019 and Windows Server version 1809 and later.	N/A
Networking	Number of custom route entries in a route table	200	Go to the Quota Center page to submit a ticket
	Number of vSwitches in a VPC	24	Go to the Quota Center page to submit a ticket
	Number of VPCs within an Alibaba Cloud account	10	Go to the Quota Center page to submit a ticket
	Number of private IP addresses in a VPC	65535	N/A
	Number of IP addresses that can be added to a basic security group	2000	N/A
	Number of elastic network interfaces (ENIs)	50000	N/A
	Number of elastic IP addresses (EIPs) within an Alibaba Cloud account	20	Go to the Quota Center page to submit a ticket
SLB	Number of SLB instances within an Alibaba Cloud account	60	Go to the Quota Center page to submit a ticket
	Number of backend servers that can be attached to an SLB instance	200	N/A
	Number of listeners that can be added to an SLB instance	50	Go to the Quota Center page to submit a ticket
	Number of times that an ECS instance can be repeatedly added to SLB instances as a backend server	50	N/A
Elastic Block Storage (EBS)	Number of pay-as-you-go disks in all regions within an Alibaba Cloud account	This quota is five times the number of ECS instances across all regions within an Alibaba Cloud account. However, Alibaba Cloud allows you to create at least 10 pay-as-you-go disks in all regions within an Alibaba Cloud account.	Submit a ticket
Elastic Block Storage (EBS)	Total capacity of all pay-as-you-go disks that are used as data disks within an Alibaba Cloud account	This quota is subject to the number of ECS instances within the account, regions in which the ECS instances reside, and disk types that the ECS instances use. You can go to the Privileges & Quotas page in the ECS console to view details. For more information, see View and increase instance quotas.	Submit a ticket