Container Service for Kubernetes (ACK) allows you to use an elastic IP address (EIP) to expose the API server of a cluster. After you use an EIP to expose the API server of a cluster, the API server can be accessed over the Internet. You can associate an EIP with the API server of a cluster when you create the cluster or after the cluster is created. This topic describes how to control public access to the API server of a cluster by associating an EIP with or disassociating an EIP from the API server.

Associate an EIP with the API server when you create a cluster

When you create a cluster, select Expose API Server with EIP to enable public access to the API server of the cluster. For more information about how to create a cluster, see Create an ACK managed cluster.

EIP

Associate an EIP with the API server after a cluster is created

If you do not select Expose API Server with EIP when you create a cluster, you can perform the following steps to associate an EIP with the API server after the cluster is created.
Notice You can associate an EIP with the API server after the cluster is created only if the cluster is an ACK standard cluster, ACK Pro cluster, or serverless Kubernetes (ASK) cluster.
  1. Log on to the ACK console.
  2. In the left-side navigation pane of the ACK console, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
  4. On the Cluster Information page, click the Basic Information tab. In the Cluster Information section, click EIP.
    Associate an EIP
  5. In the EIP dialog box, select an EIP and click OK.
    After the EIP is associated with the API server, a public IP address appears on the right side of the API Server Public Endpoint field.
    Notice The API server restarts after you associate an EIP with the API server. We recommend that you do not perform operations on the cluster during the restart process.

Disassociate or change an EIP

You can disassociate or change the EIP that is associated with the API server of a cluster. After you disassociate the EIP from the API server of a cluster, the API server cannot be accessed over the Internet.

Change an EIP
Notice You can change and disassociate an EIP that is associated with the API server of a cluster only if the cluster is an ACK standard cluster, ACK Pro cluster, or ASK cluster.