Release notes - Container Service for Kubernetes - Alibaba Cloud Documentation Center

This topic describes the release notes for Container Service for Kubernetes (ACK) and provides links to the relevant references.

Background information

Container Service for Kubernetes supports the following Kubernetes versions: 1.26, 1.24, and 1.22. For more information about how ACK supports Kubernetes versions, see Support for Kubernetes versions.
Container Service for Kubernetes supports the following operating systems: Alibaba Cloud Linux 2, Alibaba Cloud Linux 3, Alibaba Cloud Linux 3 Arm, Alibaba Cloud Linux UEFI 2, ContainerOS, CentOS 7.9, Windows Server 2019, Windows Server Core, and Version 2004.

August 2023

Product	Feature	Description	Region	References
ACK	Backup plans in ACK backup center optimized	Fuzzy search is supported for backup tasks in the ACK console. Backup tasks can be sorted based on creation time. In addition, backups and backup plans can be cloned.	All	Back up and restore applications
ACK Serverless	SidecarSet controller added to ack-virtual-node to use DaemonSet features	The SidecarSet controller is added to the ack-virtual-node component to inject sidecar containers into pods on virtual nodes by using SidecarSets. This allows you to inject containers into client pods as sidecar containers to use DaemonSet features, such as log collection and monitoring.	All	No impact on workloads
Cloud-native AI suite	Dynamic MIG partitioning supported by GPU scheduling	Multi-instance GPU (MIG) and dynamic partitioning are supported by GPU nodes with the required label after you install the cloud-native AI suite ack-ai-installer in an ACK managed cluster. Each node reports the maximum number of GPU instances that the node supports. Each container can apply for only one GPU instance.	All	Labels for GPU-accelerated node scheduling and methods for changing label values
	Notebook images supported by AI Developer Console	ack-ai-dev-console is an AI Developer Console component provided by the cloud-native AI suite. commit-agent and ack-commit-ctl are added to AI Developer Console to allow you to save notebooks on Elastic Compute Service (ECS) instances as images and use these images to restore notebooks.	All	Create and use a Jupyter notebook
	ack-fluid 1.0.3 released	The ack-fluid component is a distributed dataset orchestration and acceleration engine provided by the cloud-native AI suite. ack-fluid 1.0.3 supports privileged FUSE sidecar containers. This version also fixes the out of memory (OOM) issue for the JuiceFSRuntime controller, issues related to the auto recovery feature of FUSE, and the residual resource issue for runtime upgrades.	All	ack-fluid
	ack-kube-queue 0.2.0 released	ack-kube-queue is a job queue component provided by the cloud-native AI suite. ack-kube-queue 0.2.0 allows you to enable blocking queues for a single queue and can re-add TensorFlow jobs and PyTorch jobs to a queue when these jobs time out. This version also allows you to add Argo workflows to a queue and limit the number of jobs that can leave a queue at a time. In addition, the log that records dequeue failures is optimized.	All	ack-kube-queue
Distributed Cloud Container Platform for Kubernetes (ACK One)	SLB instance management with cloud controller manager (CCM) supported by registered clusters	The CCM allows you to use basic services of Alibaba Cloud, such as Classic Load Balancer (CLB), in ACK. You can install the CCM in registered clusters of ACK One to manage Server Load Balancer (SLB) instances.	All	none
	Custom DNS servers supported by registered clusters	Self-managed DNS servers can be specified for elastic container instances in registered clusters.	All	none
	Application migration to ACK One GitOps in an automated manner	onectl can be used to migrate applications to ACK One GitOps in an automated manner. Application Center is no longer updated and will be progressively discontinued. You can use onectl to migrate applications from Application Center to ACK One GitOps in an automated manner.	All	Use onectl to migrate applications to ACK One GitOps in an automated manner
	Public access to Argo CD	Public access to Argo CD can be enabled to allow you to use Argo CD to deliver or access applications from the ACK One console.	All	Enable public access to Argo CD

July 2023

Feature	Description	Region	References
ACK Standard clusters renamed as ACK Basic clusters	ACK Standard clusters are renamed as ACK Basic clusters. The following clusters are affected: ACK manage clusters, ACK Serverless clusters, and ACK Edge clusters. The corresponding parameter in API operations remains unchanged. ACK Basic clusters are only for personal use and testing purposes. Use ACK Pro clusters in production environments.	All	Hot migration from ACK Basic clusters to ACK Pro clusters
ALB Ingress controller v2.9.0-aliyun.1 released	ALB Ingress controller v2.9.0-aliyun.1 is released.	All	ALB Ingress Controller
Terway 1.5.5 released	Terway 1.5.5 is released to support elastic network interfaces (ENIs) filters.	All	Configure an ENI filter
GPU-accelerated node diagnostics supported by Container Intelligence Service	GPU-level GPU diagnostics are supported by ACK clusters. You can collect basic GPU metrics to troubleshoot issues.	All	Diagnose GPU-accelerated nodes
IP-aware pod scheduling and topology-aware pod scheduling supported by the ACK scheduler	IP-aware pod scheduling When pods are scheduled to a node but the node does not have sufficient idle IP addresses, the node is blacklisted for five minutes. IP-aware pod scheduling can prevent pod scheduling failures caused by insufficient idle IP addresses when the ACK scheduler needs to schedule large numbers of pods. IP-aware pod scheduling applies only to ACK Pro clusters that use Terway. Topology-aware pod scheduling Topology-aware pod scheduling allows you to define a group of pods with the same topology constraints. The system attempts to schedule these pods to different topology domains until it finds the topology domain that meets the topology constraints of the pods. This feature can schedule pods to the same deployment set to reduce the response latency and improve the availability of your application. Resource information of elastic quotas Capacity Scheduling allows you to query the resource request and resource usage information of each elastic quota in an ElasticQuotaTree.	All	No impact on workloads
Backup plans in ACK backup center optimized	Namespaces can be selected by excluding specific namespaces. Backup plans can be created and copied.	All	Backup center overview
Serverless Kubernetes (ASK) renamed as ACK Serverless	ASK is renamed as ACK Serverless and ASK clusters are renamed as ACK Serverless clusters. ACK Serverless clusters are billed based on uptime in seconds and support auto scaling within a few seconds. You do not need to maintain clusters and nodes when you use ACK Serverless clusters.	All	ASK renamed as ACK Serverless
KServe supported by ACK Serverless clusters to accelerate the deployment of AI models	KServe is a machine learning model service framework developed based on Kubernetes to provide simple Kubernetes CustomResourceDefinitions (CRDs) to allow you to deploy one or more trained models to a model service runtime. For example, you can deploy TFServing, TorchServe, and Triton models. You can deploy the KServe component in ACK Serverless clusters with a few clicks. This component provides out-of-the-box model services to help you build custom model service runtimes.	All	Deploy KServe Quickly deploy an inference Service based on KServe
Fully-managed core components supported by ACK Serverless clusters to simplify O&M	The following components are fully managed in ACK Serverless Pro clusters: the Kube scheduler, CCM, Kube controller manager, Kube API server, and CoreDNS. These components do not occupy your resources, which greatly reduce the complexity of cluster maintenance.	All	What is ACK Serverless?
Preemptible instance creation accelerated for ACK Serverless clusters	ACK Serverless allows you to create instances of up to one million CPU cores within one hour to handle large numbers of concurrent jobs, such as Spark jobs. This reduces the waiting time of the jobs in the queue and guarantees sufficient computing power in big data scenarios where computing and storage are decoupled.	All	Use ACK Serverless to create Spark jobs
ack-kube-queue 0.1.12 released	Blocking policy for a single queue ack-kube-queue supports blocking queues. After you enable blocking queues, the system attempts to schedule the first job in a queue until the job leaves the queue. The system does not schedule the remaining jobs in the queue until the first job leaves the queue. ack-kube-queue 0.1.12 allows you to configure environment variables in the Kube queue controller to enable blocking queues and configure the blocking policy for a single queue. Job dequeue timeout policy The `jobrunningtimeout` and `jobbackofftime` parameters can be used to control the job dequeue policy. When a job leaves the queue but fails to start within the time period specified by jobrunningtimeout, the job enters the backoff state. After the time period specified by jobbackofftime ends, the job is re-added to the queue. This can help resolve the issue that small jobs cannot leave the queue due to insufficient resource quotas when the system fails to schedule large jobs due to resource fragments. Only TensorFlow jobs and PyTorch jobs support this feature.	All	No impact on workloads
ack-fluid 1.0.2 released	ack-fluid is a distributed dataset orchestration and acceleration engine provided by the cloud-native AI suite. The following new features are supported by ack-fluid: Security hardening for Fluid control plane components. Local disks as caches for elastic container instances. Data preloading at a scheduled time with DataLoad.	All	No impact on workloads
Registered cluster creation and management with onectl	onectl can be used to create registered clusters, connected registered clusters to external Kubernetes clusters, configure permissions, and install components.	All	Use onectl to create a registered cluster Use onectl to manage registered clusters
Using registered clusters to allow external Kubernetes clusters to use CPU and GPU resources provided by serverless ECI	Registered clusters can be used to allow external Kubernetes clusters in data centers to use CPU and GPU resources provided by serverless Elastic Container Instance (ECI).	All	Use registered clusters to allow external Kubernetes clusters to use CPU and GPU resources provided by serverless ECI

June 2023

Feature	Description	Region	References
ACK cluster updates to Kubernetes 1.26 supported	The Kubernetes version of ACK clusters can be updated to 1.26.	All	Kubernetes 1.26 release notes
Network diagnostics supported by Container Intelligence Service	Container Intelligence Service supports network diagnostics based on Skoop to improve O&M capabilities.	All	Network diagnostics
Capabilities of ACK backup center enhanced	The capabilities of the ACK backup center are enhanced. The following new features are added: Backup plan editing. Advanced configuration display for backup tasks and snapshots.	All	Backup center overview
New ACK scheduler version released	The following new features are added to the new ACK scheduler version: Topology-aware GPU scheduling is supported by ACK clusters that run Kubernetes 1.26. The feature of custom elastic resource priorities is updated. You can specify the maximum number of pods that can be scheduled for each resource level.	All	kube-scheduler
Cloud-native AI suite supported by ACK Serverless Pro clusters	ACK Serverless clusters can provide reliable, O&M-free, and highly elastic environments for AI, machine learning, and big data workloads. You can install and activate the cloud-native AI suite in ACK Serverless Pro clusters with a few clicks to improve the availability and performance of your applications. Arena is an efficient tool to submit and manage jobs that use mainstream AI computing frameworks. Fluid provides data elasticity and data preloading to support serverless scenarios. These features can improve the efficiency and performance of AI, machine learning, and big data workloads deployed in ACK Serverless clusters.	All	Deploy the cloud-native AI component set
Acceleration of access to PVs and hostPath volumes with Fluid in hybrid cloud environments	JindoRuntime is a Fluid runtime engine developed by the Alibaba Cloud E-MapReduce (EMR) team based on JindoFS. JindoRuntime provides dataset management and caching for Fluid. JindoRuntime can cache data stored in Kubernetes hostPath volumes and persistent volumes (PVs) to accelerate data access. In hybrid cloud environments, you can use PVs to mount any self-managed storage systems, such as CephFS, or use hostPath volumes to mount self-managed storage systems. This helps accelerate access to the self-managed storage systems.	All	Use JindoRuntime to accelerate access to PVs Accelerate access to hostPath volumes
DeepSpeed jobs supported by Arena and DeepSpeed distributed training best practices available	DeepSpeed is an open source deep learning optimization software suite that provides distributed training and model optimization to accelerate model training. The cloud-native AI suite uses Arena to support DeepSpeed jobs. You can use Arena to quickly submit DeepSpeed distributed training jobs and use TensorBoard to view these jobs in a visualized manner.	All	DeepSpeed distributed training
ARM-based nodes supported by ack-kube-queue	ack-kube-queue is a Kubernetes queue component provided by the cloud-native AI suite. ack-kube-queue works with the scheduler and quota system to allow you to manage queues, schedule jobs based on priorities, and use elastic quotas. ARM-based nodes are supported by ack-kube-queue to optimize the management and scheduling of AI, machine learning, and batch computing workloads on ARM-based nodes.	All	Use ack-kube-queue to manage job queues
Application migration to ACK One GotOps supported by ACK One	ACK One allows you to migrate applications from Application Center to ACK One GitOps. ACK One GitOps manages open source Argo CD, provides a dedicated console domain name, and integrates Alibaba Cloud account single sign-on (SSO) to support multi-cluster application delivery.	All	Migrate applications to ACK One GitOps
Policy management supported by registered clusters	Registered clusters provide a variety of policy governance rules and a powerful console based on Open Policy Agent (OPA) and the gatekeeper admission controller to ensure the security of registered clusters.	All	Configure ACK pod security policies in registered clusters
ACK One multi-cluster GitOps best practice released	The ACK One GitOps best practice demonstrates how to use the out-of-the-box GitOps features to release, update, and roll back multi-cluster applications. In addition, GitOps can be used together with Continuous Integration (CI) pipelines and used to manage user permissions.	All	Best practice for ACK One GitOps

May 2023

Feature	Description	Region	References
Kubernetes 1.26 supported by ACK	Kubernetes 1.26 is supported by ACK. You can create ACK clusters that run Kubernetes 1.26.	All	Kubernetes 1.26 release notes
csi-compatible-controller supported by ACK	The csi-compatible-controller component allows you to use FlexVolume and CSI in the same ACK cluster and migrate from FlexVolume to CSI by changing the type of volumes mounted to the applications in the cluster.	All	csi-compatible-controller Use csi-compatible-controller to migrate from FlexVolume to CSI
Creating elastic container instances from specified ECS instance types supported by ACK Serverless clusters	ACK Serverless clusters allow you to create elastic container instances from specified ECS instance types. These elastic container instances support multiple processors and can help you reduce the instance cost by 40% compared with the previous generation instances. In addition, you can purchase savings plans through annual subscriptions to reduce the cost by 10% when handling unexpected traffic fluctuations.	All	Create an ECI from a specified ECS instance type
Cost insights supported by ACK Serverless clusters	Cost insights are supported by ACK Serverless clusters. Cost insights allow you to analyze the cost of elastic resources in terms of clusters, namespaces, and applications, and perform fine-grained cost prediction and locate the root cause. This feature can help IT asset administrators optimize resource allocation and billing methods and make cost governance much easier.	All	Overview of cost insights
Blocking queues and strict priority scheduling supported by ack-kube-queue	ack-kube-queue allows system administrators to customize job queue management and improve the flexibility of queues. ack-kube-queue also supports blocking queues. After you enable blocking queues, the system attempts to schedule the first job in a queue until the job leaves the queue. The system does not schedule the remaining jobs in the queue until the first job leaves the queue. ack-kube-queue supports strict priority scheduling. After you enable strict priority scheduling, resources are preferably scheduled to jobs with higher priorities and jobs whose creation times are earlier. This ensures that jobs in the backoff state can be scheduled.	All	Use ack-kube-queue to manage job queues
Visual Studio (VS) Code notebooks supported by cloud-native AI suite	The cloud-native AI suite allows you to create VS Code notebooks to develop and debug machine learning algorithms, and submit these algorithms to ACK clusters for model training. The cloud-native AI suite allows you to set up an AI development environment by deploying open source JupyterLab, custom Juypter notebook images, or custom VS Code notebook images in your ACK cluster, and integrate the configurations of the cloud-native AI suite with the permission management system of ACK.	All	Create and use a Jupyter notebook
Enabling and redirecting to GitOps supported by ACK One	ACK One supports the GitOps feature. You can enable or disable the GitOps console on the master instance page of the ACK One console. A hyperlink is also provided to redirect you to the GitOps console.	All	Log on to the GitOps system
GitOps control plane logs and audit logs	ACK One allows you to view the control plane logs and audit logs of GitOps. You can view these logs on the master instance page of the ACK One console.	All	Enable the collection of the control plane logs and audit logs of GitOps

April 2023

Feature	Description	Region	References
Simultaneous deletion of Log Service projects and clusters	When you delete a cluster, you can specify whether to delete the Log Service project used by the cluster at the same time. Important A Log Service project includes multiple Logstores. After the project is deleted, data in the Logstores is also deleted. Proceed with caution.	All	Delete a cluster
ACK scheduler 4.1 released	The elastic scheduling feature allows you to use elastic resources to schedule pods to ARM-based nodes. To prevent resource leaks, if the elastic quota of an application is exhausted in capacity scheduling scenarios, cluster-autoscaler is forbidden to create more nodes by default. In gang scheduling scenarios, if the number of application pods cannot meet the gang scheduling requirements, cluster-autoscaler is forbidden to create more nodes by default.	All	kube-scheduler
Fluid control plane component monitoring	Fluid is a Kubernetes-native distributed dataset orchestration and acceleration engine that serves data-intensive applications, such as big data applications and AI applications, in cloud-native scenarios. ACK allows you to install the Fluid monitoring component on Prometheus instances of Managed Service for Prometheus with a few clicks and use the out-of-the-box dashboards provided by Managed Service for Prometheus to monitor the control plane components of Fluid.	All	Enable monitoring for the Fluid control plane components
Multi-tenant access control supported by ACK One GitOps	You can configure multi-tenant access control for ACK One GitOps to manage the permissions of different roles and mitigate potential security risks.	All	Configure multi-tenant access control for ACK One GitOps

March 2023

Feature	Description	Region	References
vSwitch configuration supported in the Terway settings	vSwitches can be added or removed in the ACK console. You can add or remove vSwitches when you modify the terway-eniip component on the Add-ons page of the ACK console.	All	Increase the number of pod vSwitches in a cluster that uses the Terway plug-in
NAS or CPFS client I/O operation troubleshooting through CNFS dashboards supported	Container Network File System (CNFS) dashboards can be used to troubleshoot issues related to I/O operations on clients and locate the pods that cause the issues. For example, you can troubleshoot frequent I/O operations that may slow down the system and high bandwidth usage on clients.	All	Use the observabilities of CNFS to identify the issues caused by I/O operations on the NAS or CPFS client
RAM user permission management supported by ACK One	Resource Access Management (RAM) users can be authorized to access and manage the master instances by using administrator accounts of master instances of Alibaba Cloud Distributed Cloud Container Platform (ACK One).	All	Grant permissions to a RAM user
Automatic application updates supported by ACK One GitOps Image Updater	Automatic application updates are supported by ACK One GitOps Image Updater. You can configure ACK One GitOps Image Updater to monitor image updates in Container Registry and automatically trigger application updates when new image versions are pushed to Container Registry. This allows you to build a GitOps pipeline based on third-party CI systems to automate application delivery.	All	Use ACK One and Container Registry to build a GitOps pipeline to automate application delivery
Metering method and pricing solution updates for the cloud-native AI suite	The metering method and pricing solution of the cloud-native AI suite are updated to improve metering accuracy and apply tiered pricing. The 50% discount for the cloud-native AI suite ends at 00:00:00 (UTC+8) on April 1, 2023. Beginning 00:00:00 (UTC+8) on April 1, 2023, you are charged for using the cloud-native AI suite.	All	[Product Changes] Cloud-native AI suite metering method and pricing solution updates Billing of the cloud-native AI suite
ack-fluid 0.9.7 released	ack-fluid 0.9.7 is released. ack-fluid is a cache accelerator that is included in the cloud-native AI suite. Some known issues are fixed and security is reinforced in ack-fluid 0.9.7.	All	[Component Updates] Update ack-fluid
Advanced features supported for gang scheduling	Advanced features are supported for gang scheduling, such as the GangGroup feature. ACK Pro clusters support gang scheduling to enable job scheduling in all-or-nothing scenarios. When you use gang scheduling, some jobs may use different roles. Using only one PodGroup to manage the pods of all roles cannot meet the requirements of different roles on the min-available resource. If you create multiple PodGroups for the roles, the pods of the roles cannot be scheduled in one batch. To resolve this issue, you can use the GangGroup feature to manage multiple gangs as a group. The job can be run only when the number of pods that are scheduled reaches the value of the min-available parameter for each role. In addition, gang scheduling retries can be controlled by claiming a matchpolicy.	All	Use gang scheduling

February 2023

Feature	Description	Region	References
Custom parameters supported by kubelet	Kubelet configurations can be customized to manage the behavior of nodes. ACK allows you to customize the kubelet configurations of nodes in a node pool. After the modification is complete, the new configurations immediately take effect on existing nodes in the node pool in batches and are automatically applied to newly added nodes.	All	Customize the kubelet configurations of a node pool
Service diagnostics supported by AIOps	The Service diagnostics feature is supported by AIOps. You can use this feature to troubleshoot CLB issues related to billing methods, certificates, reuse of CLB instances, CLB quotas, and anomaly events.	All	Service diagnostics
Cloud disk type configurable	The type of cloud disks mounted to your application can be changed. Assume that you have created a standard SSD for your application. If your application requires a higher IOPS, you can upgrade the type of the disk from standard SSD to enhanced SSD (ESSD).	All	Change the type of a cloud disk
Disks of the cloud_auto type supported by dynamically provisioned volumes	In addition to disks of the cloud_efficiency, cloud_ssd, cloud_essd, and available types, disks of the cloud_auto type can also be mounted as dynamically provisioned volumes.	All	Use a dynamically provisioned disk volume
Alibaba Cloud accounts supported for logging on to the Argo CD UI or Argo CD CLI	By default, ACK One GitOps supports single sign-on (SSO) when you use RAM users to log on to the Argo CD UI or Argo CD CLI. After you log on to the ACK One console by using an Alibaba Cloud account, you can use SSO to log on to the Argo CD UI or Argo CD CLI without entering a username and a password.	All	Log on to the GitOps system

Historical releases

For more information about ACK release notes before 2023, see Historical release notes (before 2023).