This topic describes how to create a serverless Kubernetes (ASK) cluster in the Container Service for Kubernetes (ACK) console.



  1. Log on to the ACK console.
  2. In the left-side navigation pane of the ACK console, click Clusters.
  3. In the upper-right corner of the Clusters page, click Create Kubernetes Cluster.
  4. On the page that appears, click the Serverless Kubernetes tab and set the parameters.
    1. On the Cluster Configurations wizard page, configure the basic settings of the cluster.
      Parameter Description
      Cluster Name Enter a name for the cluster.
      Note The name must be 1 to 63 characters in length, and can contain digits, letters, and hyphens (-).
      Cluster Specification

      Select a cluster type. You can select Standard edition or Professional.

      Select Professional to create an ASK Pro cluster. For more information, see ASK Pro cluster overview.

      Region Select a region to deploy the cluster.
      Kubernetes Version

      The Kubernetes versions that are supported by ASK are displayed.

      IPv6 Dual-stack You can select Enable to create an ASK cluster that has IPv4/IPv6 dual stack enabled. This feature is in public preview. To use this feature, please log on the Quota Center to apply.
      • Only 1.20.11-aliyun.1 and later versions support IPv4/IPv6 dual stack.
      • To enable IPv4/IPv6 dual stack for an ASK cluster, you must first enable IPv4/IPv6 dual stack for the virtual private cloud (VPC) where you want to deploy the cluster.
      VPC Set the VPC where you want to deploy the cluster. Kubernetes clusters support only VPCs. You can select Create VPC or Select Existing VPC.
      • Create VPC: If you select this option, ACK automatically creates a VPC and a NAT gateway in the VPC. ACK also configures SNAT rules on the NAT gateway.
      • Select Existing VPC: If you select this option, you must select a VPC from the VPC drop-down list and select vSwitches in the vSwitch section. If you want to enable Internet access, for example, to download container images, you must configure a NAT gateway. We recommend that you upload container images to a Container Registry instance in the region where the cluster is deployed. This way, you can pull images through the VPC.
      Zone Select the zone where you want to deploy the cluster.
      Configure SNAT Specify whether to automatically create a NAT gateway and configure SNAT rules on the NAT gateway.

      This parameter is required only when you select Create VPC for VPC.

      Note After you select Create VPC, you can select or clear Configure SNAT. If you clear this check box, you need to manually create a NAT gateway and configure SNAT rules on the VPC. Otherwise, the cluster deployed in the VPC cannot access the Internet.

      For more information, see Create and manage Internet NAT gateways.

      Service CIDR

      Set Service CIDR. The CIDR block specified by Service CIDR cannot overlap with that of the VPC or those of the existing clusters in the VPC. The CIDR block cannot be modified after the cluster is created. The Service CIDR block cannot overlap with the pod CIDR block. For more information about how to plan CIDR blocks for an ACK cluster, see Plan CIDR blocks for an ACK cluster.

      Service IPv6 CIDR
      If you enable IPv4/IPv6 dual stack, you must specify an IPv6 CIDR block for Services. When you set this parameter, take note of the following items:
      • You must specify a unique local address (ULA) space within the address range fc00::/7. The prefix must be 112 bits to 120 bits in length.
      • We recommend that you specify an IPv6 CIDR block that has the same number of IP addresses as the Service CIDR block.
      For more information about how to plan CIDR blocks for an ACK cluster, see Plan CIDR blocks for an ACK cluster.
      Access to API Server
      By default, an internal-facing Server Load Balancer (SLB) instance is created for the Kubernetes API server of the cluster. You can change the specification of the SLB instance. For more information see Instance specifications.
      Important If you delete the SLB instance, you cannot access the Kubernetes API server of the cluster.
      Select or clear Expose API Server with EIP. The Kubernetes API server provides multiple HTTP-based RESTful APIs, which can be used to create, delete, modify, query, and monitor resources, such as pods and Services.
      • If you select this check box, an elastic IP address (EIP) is created and associated with the SLB instance. In this case, the Kubernetes API server of the cluster is exposed to the Internet through port 6443 of the EIP. You can use kubeconfig files to connect to and manage the cluster over the Internet.
      • If you clear this check box, no EIP is created. You can connect to and manage the cluster by using kubeconfig files only from within the VPC.

      For more information see Control public access to the API server of a cluster.

      Security Group
      You can select Create Basic Security Group, Create Advanced Security Group, or Select Existing Security Group. For more information about security groups, see Overview.
      Time Zone

      Select a time zone for the cluster. By default, the time zone of your browser is selected.

      Deletion Protection Specify whether to enable deletion protection for the cluster. Deletion protection prevents the cluster from being deleted in the console or by calling the API. This prevents user errors.
      Resource Group
      Move the pointer over All Resources at the top of the page and select the resource group that you want to use. After you select a resource group, virtual private clouds (VPCs) and vSwitches are filtered based on the selected resource group. When you create a cluster, only the VPCs and vSwitches that belong to the selected resource group are displayed in the console. Resource group
      Move the pointer over All Resources in the upper part of the page and select the resource group to which the cluster belongs. The name of the selected resource group is displayed.
      Add labels to the cluster. Enter a key and a value, and then click Add.
      • Key is required. Value is optional.
      • Keys are not case-sensitive. A key must be 1 to 64 characters in length, and cannot start with aliyun, http://, or https://.
      • Values are not case-sensitive. A value cannot exceed 128 characters in length, and cannot contain http:// or https://. A value can be empty.
      • The keys of labels that are added to the same resource must be unique. If you add a label with a used key, the label overwrites the label that uses the same key.
      • If you add more than 20 labels to a resource, all labels become invalid. You must remove excess labels for the remaining labels to take effect.
      Cluster Domain Enter a domain name for the cluster. Default value: cluster.local.
    2. Click Next:Component Configurations to configure components.
      Parameter Description
      Service Discovery Configure service discovery for the cluster. You can select Disable, PrivateZone, or CoreDNS.
      • Alibaba Cloud DNS PrivateZone is a DNS resolution service for private domain names within VPCs. You can use Alibaba Cloud DNS PrivateZone to resolve private domain names to IP addresses in one or more VPCs.
      • CoreDNS is a flexible and scalable DNS server that serves as a standard service discovery component in Kubernetes.
      Specify whether to install an Ingress controller. You can select Do Not Install, Nginx Ingress, or ALB Ingress.
      • Nginx Ingress: The NGINX Ingress controller is optimized based on open source ingress-nginx and provides flexible and reliable routing services based on Ingresses. For more information see Overview.
      • ALB Ingress: The Application Load Balancer (ALB) Ingress controller is compatible with the NGINX Ingress controller, and provides improved traffic routing capabilities based on ALB instances. The ALB Ingress controller supports complex routing, automatic certificate discovery, and HTTP, HTTPS, and QUIC protocols. The ALB Ingress controller meets the requirements of cloud-native applications for ultra-high elasticity and balancing of heavy traffic loads at Layer 7. For more information see ALB Ingress overview.
      Monitoring Service Specify whether to install metrics-server as the basic monitoring component in the cluster. The metrics-server component is a resource monitoring tool that ACK develops based on open source Metrics Server. metrics-server collects resource usage metrics for all pods in your cluster and enables the Horizontal Pod Autoscaler (HPA) to work based on the collected metrics. You can call the Metrics API to retrieve monitoring metrics.
      Log Service Specify whether to enable Log Service. You can select an existing Log Service project or create one.

      If Log Service is disabled, you cannot use the cluster auditing feature. For more information about Log Service, see Getting Started.

      Knative Specify whether to enable Knative. Knative is a Kubernetes-based serverless framework. Knative is intended for developing a cloud-native, cross-platform orchestration standard for serverless applications. For more information, see Overview.
    3. Click Next:Confirm Order. On the Confirm Order wizard page, confirm the configurations and select Terms of Service for Serverless Kubernetes.
  5. In the lower-right corner of the page, click Create Cluster.

What to do next

  • After the cluster is created, you can find the cluster on the Clusters page in the console.
    Create an ASK cluster
  • On the Clusters page, find the cluster that you created and click Details in the Actions column. On the details page, click the Basic Information tab to view basic information about the cluster and click the Connection Information tab to view information about how to connect to the cluster. Basic information