Container Service for Kubernetes (ACK) provides the cluster inspection feature. You
can use this feature to periodically scan a cluster and identify potential risks in
the cluster. For example, you can use this feature to check the remaining quotas of
cloud resources and the usage of key resources in an ACK cluster. This topic describes
how to use the cluster inspection feature to identify potential risks.
Configure the cluster inspection feature
When ACK performs a cluster inspection, ACK collects data from the nodes in the cluster
and then generates an inspection report. The information that ACK collects includes
the system version, the workloads, the status of the components such as Docker and
Kubelet, and the key information about the errors that are recorded in the system
log. ACK does not collect business information or sensitive data. You can perform
the following operations to configure the cluster inspection feature:
- Log on to the ACK console.
- In the left-side navigation pane of the ACK console, click Clusters.
- On the Clusters page, find the cluster on which you want to perform a check and choose in the Actions column.
- In the left-side navigation pane of the Container Intelligence Service console, choose
.
- In the Schedule Rule section, click Add.
- In the Configure panel, specify the time zone and inspection schedule.
If an inspection rule already exists, you can click
Delete in the
Schedule Rule section of the
Regular Inspection page to delete the inspection rule. After you delete the existing inspection rule,
you can add a new inspection rule.
After you add an inspection rule, ACK inspects the cluster at the scheduled time.
If ACK identifies potential risks, ACK generates events. You can log on to the ACK console and then view the events in the Events section on the Overview tab of the cluster.
Note On the Regular Inspection page, you can click Start in the Reports section to manually trigger a cluster inspection.
- (Optional) Configure alerting for ACK.
You can configure alerting for ACK. This way, ACK can send alert notifications to
you at the earliest opportunity. For more information, see
Alert management.
View cluster inspection reports
After you configure the cluster inspection feature, ACK inspects the cluster at the
scheduled time. You can perform the following operations to view the cluster inspection
reports:
- Log on to the ACK console.
- In the left-side navigation pane of the ACK console, click Clusters.
- On the Clusters page, find the cluster on which you want to perform a check and choose in the Actions column.
- In the left-side navigation pane of the Container Intelligence Service console, choose
.
- In the Reports section, click Details in the operation column of of a report.
The following figure shows a cluster inspection report.

The report displays the severity levels, names, and descriptions of different risks
and provides suggestions on how to handle the risks. The severity levels include low,
medium, and high. You can handle risks on the report details page. For more information
about common risks and suggestions on how to handle the risks, see
Cluster inspection alerts.