This topic describes how to create a managed Kubernetes cluster that runs sandboxed containers in the Container Service for Kubernetes (ACK) console.
Prerequisites
- ACK and Resource Access Management (RAM) are activated.
  ACK is activated in the ACK console. RAM is activated in the RAM console.
Limits
- ACK clusters support only virtual private clouds (VPCs).
- By default, each account is subject to specific quotas on cloud resources that can
be created. You cannot create clusters if the quota limit is reached. When you create
clusters, make sure that you have sufficient cloud resources. To increase the quota
of cloud resources for your account, submit a ticket.
- By default, you can create at most five clusters across all regions with each account.
Each cluster can contain at most 40 nodes. To increase the quota on the number of
clusters or nodes that you can create, submit a ticket.
Notice: By default, you can add at most 48 route entries to the virtual private cloud (VPC) where an ACK cluster is deployed. This means that you can configure at most 48 route entries for an ACK cluster deployed in a VPC. To increase the quota on the number of route entries for a VPC, submit a ticket.
- By default, you can create at most 100 security groups with each account.
- By default, you can create at most 60 pay-as-you-go SLB instances with each account.
- By default, you can create at most 20 elastic IP addresses (EIPs) with each account.
- To create an ACK cluster that runs sandboxed containers, you must set the parameters
as described in the following table. Otherwise, the cluster cannot run sandboxed containers.
| Parameter | Description |
| --- | --- |
| Zone | Only Elastic Compute Service (ECS) bare metal instances support sandboxed containers. Make sure that ECS bare metal instances are available for purchase in the selected zone. |
| Kubernetes Version | Select 1.14.6-aliyun.1 or later. |
| Container Runtime | Select Sandboxed-Container. |
| Worker Instance | Select Create Instance. |
| Billing Method | Select ECS Bare Metal Instance. |
| Mount Data Disk | Mount a data disk of at least 200 GiB. We recommend that you mount a data disk of at least 1 TB. |
| Operating System | The Alibaba Cloud Linux operating system is the default operating system for a cluster that runs sandboxed containers. You cannot change the operating system. |
Procedure
Result
- After the cluster is created, you can find the created cluster on the Clusters page in the ACK console.
- Click View Logs in the Actions column. On the Log Information page, you can view the cluster log. To view detailed log information, click Stack events.
- Click Details in the Actions column. On the details page of the cluster, click the Basic Information tab to view basic information about the cluster and click the Connection Information tab to view information about how to connect to the cluster. The cluster information includes the following parameters:
- API Server Public Endpoint: the IP address and port that the API server uses to provide services over the Internet.
It allows you to manage the cluster by using kubectl or other tools on your client.
Bind EIP and Unbind EIP: These options are available only to managed Kubernetes clusters.
- Bind EIP: You can select an existing elastic IP address (EIP) or create one.
The API server restarts after you bind an EIP to the API server. We recommend that you do not perform operations on the cluster during the restart process.
- Unbind EIP: You cannot access the API server over the Internet after you unbind the EIP.
The API server restarts after you unbind the EIP from the API server. We recommend that you do not perform operations on the cluster during the restart process.
- API Server Internal Endpoint: the IP address and port that the API server uses to provide services within the cluster. The IP address belongs to the Server Load Balancer (SLB) instance that is bound to the cluster.
- Testing Domain: the domain name that is used to test Services. The suffix of the domain name is <cluster_id>.<region_id>.alicontainer.com.
Note: To rebind the domain name, click Rebind Domain Name.
- You can connect to ACK clusters by using kubectl and run the kubectl get node command to view information about the nodes in the cluster.
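
The following check is an added example, not part of the original documentation: it reads `kubectl get node -o json` output, confirms that each node meets the Kubernetes version floor from the parameter table, and reports whether the API server address in your kubeconfig is internal or reachable over the Internet. The sample node data, the runtime string, the default address, and the rule that a version without an `-aliyun.N` suffix counts as build 0 are assumptions.

```python
import ipaddress
import json
import re
import sys
from urllib.parse import urlsplit

MIN_VERSION = (1, 14, 6, 1)  # "1.14.6-aliyun.1 or later" from the parameter table

# Constructed sample shaped like `kubectl get node -o json` output (not real data).
SAMPLE_NODES = {"items": [
    {"metadata": {"name": "node-a"}, "status": {"nodeInfo": {
        "kubeletVersion": "v1.16.9-aliyun.1",
        "containerRuntimeVersion": "example-runtime://0.0.0"}}},
    {"metadata": {"name": "node-b"}, "status": {"nodeInfo": {
        "kubeletVersion": "v1.12.6-aliyun.1",
        "containerRuntimeVersion": "example-runtime://0.0.0"}}},
]}

def parse_version(text):
    """'v1.14.6-aliyun.1' -> (1, 14, 6, 1). Assumption: no build suffix counts as 0."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:-aliyun\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def endpoint_scope(server_url):
    """Classify a kubeconfig server URL by whether its IP is Internet-routable."""
    try:
        ip = ipaddress.ip_address(urlsplit(server_url).hostname)
    except ValueError:
        return "unknown"  # DNS name or malformed URL: resolve it before deciding
    return "public" if ip.is_global else "internal"

def audit_nodes(node_list):
    """Return (name, meets_minimum_version, runtime) for every node."""
    rows = []
    for item in node_list["items"]:
        info = item["status"]["nodeInfo"]
        ok = parse_version(info["kubeletVersion"]) >= MIN_VERSION
        rows.append((item["metadata"]["name"], ok, info["containerRuntimeVersion"]))
    return rows

if __name__ == "__main__":
    # Real use: kubectl get node -o json > nodes.json; python3 check.py nodes.json <server-url>
    nodes = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_NODES
    print(audit_nodes(nodes))
    print(endpoint_scope(sys.argv[2] if len(sys.argv) > 2 else "https://10.0.0.8:6443"))
```

The server URL for the current context can be read with `kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}'`.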