Container Service for Kubernetes (ACK) allows you to create managed node pools. Managed node pools can automate O&M tasks for specific nodes. For example, managed node pools can automatically patch Common Vulnerabilities and Exposures (CVE) vulnerabilities or fix specific anomalies. This improves O&M efficiency.

Background information

The following list describes the terms that are related to node pools:
  • Basic node pool: You can use a basic node pool to manage a group of nodes that have the same configurations, such as specifications, labels, and taints. You can manually manage and maintain the nodes in a basic node pool.
  • Managed node pool: Managed node pools provide automated O&M features, such as automatic vulnerability patching and automatic node repair.
    Note: Managed node pools can improve O&M efficiency, but you may still need to manually fix specific node issues. For more information about automatic node repair, see Auto repair.
  • Replacing system disks: You can initialize a node by replacing the system disk of the node. After the system disk is replaced, the attributes of the IaaS resources that are attached to the node remain unchanged, such as the node name, the related instance ID, and the assigned IP addresses. However, the data on the original system disk is deleted after the node is initialized. The data disks that are mounted to the node are not affected.
    Notice: Do not use system disks to persist data. We recommend that you use data disks instead.
  • In-place upgrades: You can upgrade the components on a node as required. This is an alternative to replacing the system disk of a node. In-place upgrades do not replace system disks, initialize nodes, or destroy the data on nodes.

Scenarios

  • Managed node pools are ideal for users that want to focus on application development instead of managing and maintaining worker nodes.
  • These users require elasticity instead of immutability for workloads. The pods of their applications are insensitive to node changes and can tolerate migrations.

Comparison between managed node pools and basic node pools

| Item | Regular node pool | Managed node pool |
| --- | --- | --- |
| O&M | Managed by users | Partially managed by ACK |
| Scaling | Manually performed | Manually performed |
| Auto scaling | Can be enabled | Can be enabled |
| Billing method | Pay-as-you-go or subscription | Pay-as-you-go or subscription |
| Node update | Nodes must be manually updated. Only kubelet versions can be updated. Update is implemented by using in-place upgrades. | Nodes must be manually updated. Various updates are supported, such as kubelet version update and CVE vulnerability fixing. Update is implemented by replacing system disks. |
| Node exception fixing | Manually performed | Automatically performed. Note: Managed node pools help simplify your O&M work. However, you may still need to manually fix some complicated node exceptions. For more information about automatic node repair, see Auto repair. |
| Key management | Key pairs and passwords are supported. | Only key pairs are supported. |
| Operating system | CentOS, Alibaba Cloud Linux, Windows | ContainerOS, CentOS, Alibaba Cloud Linux, Windows |

Features

  • You can create multiple managed node pools in an ACK cluster. The configuration of each managed node pool can be different from the others. This allows you to manage multiple groups of nodes with different specifications.
  • Before a node is upgraded by replacing the system disk of the node, ACK runs the kubectl cordon command to change the node to the Unschedulable state. Then, ACK evicts the pods on the node. If the pods are not evicted within 15 minutes, ACK forcibly replaces the system disk.
  • A managed node pool monitors the status of nodes in the node pool. If a node does not report its status for more than 10 minutes or the status of a node is NotReady, ACK restarts the node to restore the workloads on the node.
  • You can transform a managed node pool to a basic node pool by disabling the managed node pool feature or transform a basic node pool to a managed node pool by enabling the feature.
  • If you want to disable the automated O&M feature for a managed node pool, go to the Cluster Information page, click the Basic Information tab, and turn off Maintenance Window. For more information, see View cluster information.

Considerations

  • Managed node pools upgrade nodes by replacing the system disks of the nodes. After the nodes are upgraded, the data stored on the previous system disks is deleted. The data disks that are mounted to the nodes are not affected. Do not use system disks to persist data.
  • Before a managed node pool replaces the system disk of a node, it cordons the node (marks it Unschedulable) and drains it. This may restart the pods on the node and interrupt persistent connections.
  • When exceptions occur on a node in a managed node pool, the managed node pool may restart the node to fix the exceptions. This restarts the pods on the node.
  • To patch CVE vulnerabilities, you must activate Security Center and ensure a sufficient quota of servers that can be protected by Security Center. For more information, see Purchase Security Center.
  • We recommend that you enable the event center so that you can receive alert notifications about managed node pools. For more information about how to enable the event center, see Event monitoring.
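
The considerations above can be checked before a workload is moved onto a managed node pool. The following is an added example, not part of the original page or an ACK tool: it audits pod specs in the shape of `kubectl get pods -A -o json` for pods that would not survive the cordon, drain, and system-disk replacement cycle. The sample input and function names are constructed, and the script assumes a hostPath volume may reside on the system disk.

```python
import json

EVICTION_WINDOW_S = 15 * 60  # page: system disk is forcibly replaced after 15 minutes

# Constructed sample in the shape of `kubectl get pods -A -o json` (not real cluster output).
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"namespace": "shop", "name": "api-7d9f",
                "ownerReferences": [{"kind": "ReplicaSet", "name": "api"}]},
   "spec": {"terminationGracePeriodSeconds": 30,
            "volumes": [{"name": "tmp", "emptyDir": {}}]}},
  {"metadata": {"namespace": "shop", "name": "db-0",
                "ownerReferences": [{"kind": "StatefulSet", "name": "db"}]},
   "spec": {"terminationGracePeriodSeconds": 1800,
            "volumes": [{"name": "data", "hostPath": {"path": "/var/lib/db"}}]}},
  {"metadata": {"namespace": "ops", "name": "debug-shell"},
   "spec": {"volumes": [{"name": "scratch", "emptyDir": {"medium": "Memory"}}]}}
]}
""")

def audit_pod(pod):
    """Return reasons this pod may not tolerate a cordon/drain/disk-replace cycle."""
    meta, spec = pod["metadata"], pod.get("spec", {})
    findings = []
    # A pod with no owning controller is evicted and never recreated.
    if not meta.get("ownerReferences"):
        findings.append("no controller: not recreated after eviction")
    # Kubernetes defaults the grace period to 30s when the field is absent.
    grace = spec.get("terminationGracePeriodSeconds", 30)
    if grace > EVICTION_WINDOW_S:
        findings.append(f"grace period {grace}s exceeds the {EVICTION_WINDOW_S}s eviction window")
    # Assumption: a hostPath may sit on the system disk, which is wiped on upgrade.
    for vol in spec.get("volumes", []):
        if "hostPath" in vol:
            findings.append(f"hostPath {vol['hostPath']['path']}: lost if it is on the system disk")
    return findings

def audit(pod_list):
    """Map 'namespace/name' to findings for every pod with at least one finding."""
    report = {}
    for pod in pod_list.get("items", []):
        findings = audit_pod(pod)
        if findings:
            report[f"{pod['metadata']['namespace']}/{pod['metadata']['name']}"] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        for finding in findings:
            print(f"{name}: {finding}")
```

To run it against a live cluster, replace `SAMPLE` with the parsed output of `kubectl get pods -A -o json`.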