Service limits quotas capacity and concurrency - Container Compute Service

This topic describes cluster limits, capacity limits, and concurrency limits for Alibaba Cloud Container Compute Service (ACS), and explains how to request higher quotas.

Overview of limits

Before using Alibaba Cloud Container Compute Service (ACS), note the following usage limits:

After creating an ACS cluster, you cannot perform the following operations:
- Change the VPC of the cluster.
- Change the container network plugin.
- Change the storage plugin.
- Migrate applications across namespaces.
Traffic to cluster control plane components is subject to the following limits:
When you access cluster control plane components (API Server and etcd) through APIs or the command line, rate limiting may trigger if you read many cluster events in a single request due to bandwidth constraints, causing the read operation to fail. We recommend that you use the ACS console Operations Management > Event Hub to query cluster events, or add pagination parameters in your API or command-line requests to reduce the amount of data per request (for example: --chunk-size=500).

Quotas

Type	Quota limit	Default quota	How to increase quota
Total number of ACS clusters that a single account can create	20	3	Go to the Quota Center to request a higher default quota. Select the quota named Total ACS Clusters. Note If the quota limit still does not meet your needs, submit a ticket to contact technical support for a higher quota. Select the product category Container Service for Kubernetes.
Maximum total vCPUs available for pay-as-you-go elastic instances in a single region	30,000 vCPUs	100 vCPUs	Go to the Quota Center and select the target region to request a higher default quota. Note If the quota limit still does not meet your needs, submit a ticket to contact technical support for a higher quota. Select the product category Container Compute Service.

Capacity limits

Type	Quota limit	How to increase quota
etcd storage capacity	8 GB	Cannot be increased
Total size of each type of etcd object	800 MB	Cannot be increased
Pod	50,000	Requests exceeding 50,000 pods are rejected by default. submit a ticket to request technical support for a higher quota. Important If many pods are associated with services, keep the number below 20,000.
service	10,000 units	Requests exceeding 10,000 Services are rejected by default. submit a ticket to request technical support for a higher quota. Note If a namespace contains many Services, the large number of environment variables injected by kubelet may slow down or prevent Pod startup. To resolve this performance bottleneck, set `enableServiceLinks: false` in the Pod spec to disable this injection.
ConfigMap	30,000 units	submit a ticket to request technical support for a higher quota.
Secret	10,000 units
PVC	10,000 units
PV	10,000 units
Total CRs of a single type	100,000	The default resource limit is 10,000. Requests exceeding this limit are rejected. submit a ticket to request technical support for a higher quota.
Total CRDs	100,000 units	Cannot be increased

Concurrency limits

Cluster control plane

Note

QPS (Queries Per Second) refers to the number of requests received per second.

Type	Concurrency limit	Default concurrency	How to increase concurrency
Full list QPS for Pods	1	1	Frequent full retrieval of core Pod data puts heavy pressure on the control plane. Optimize your code by adding `selector` or `namespace` filters to reduce the amount of data retrieved per request.
Pod Create QPS	300	300	Requests exceeding 300 QPS are rejected by default and return HTTP status code 429. submit a ticket to request technical support for higher concurrency.
Pod Delete QPS	300	300
Pod Patch QPS	300	300
Pod Update QPS	300	300
Services Create QPS	20	20	Requests exceeding 20 QPS are rejected by default and return HTTP status code 429. submit a ticket to request technical support for higher concurrency.
Services Delete QPS	30	30	Requests exceeding 30 QPS are rejected by default and return HTTP status code 429. submit a ticket to request technical support for higher concurrency.
Services Patch QPS	30	30
Services Update QPS	30	30
Lease Update QPS	2000	2000	Requests exceeding 2000 QPS are rejected by default and return HTTP status code 429. submit a ticket to request technical support for higher concurrency.
ConfigMap Update QPS	200	200	Requests exceeding 200 QPS are rejected by default and return HTTP status code 429. submit a ticket to request technical support for higher concurrency.
Endpoint Update QPS	200	200
Other Create QPS	500	500	Requests exceeding 500 QPS are rejected by default and return HTTP status code 429. submit a ticket to request technical support for higher concurrency.
Other Delete QPS	500	500
Other Patch QPS	500	500
Other Update QPS	500	500

Image cache

The following table lists the maximum number of API calls per minute for each API in a single region.

API operation	Maximum calls per minute
CreateImageCache	300
DeleteImageCache	300
ListImageCaches	600
GetImageCache	6000

Instance delivery throughput

The following table lists the maximum Pod delivery throughput per minute for instance-related operations in a single region (including internal retries).

Instance-related capability	Maximum Pod delivery throughput per minute
Instance creation	1000
Instance deletion	1000

Quota limits of underlying cloud services

Limit category	Limitations	Default quota	How to increase quota
VPC limits	Custom route entries per route table (excluding dynamically propagated route entries).	200	Go to the quota management page or the Quota Center to request a higher quota.
	Dynamically propagated routes per table.	500
	vSwitches per VPC.	150
	VPCs in a single region.	10
	Private IP addresses used by cloud resources in a VPC.	300,000 1. If an Elastic Compute Service (ECS) instance has only one private IP, the ECS instance uses only one network address. 2. If an ECS instance is associated with multiple ENIs or multiple IP addresses are configured for the ENIs, the number of network addresses used by the ECS instance is the sum of the IP addresses that are assigned to the ENIs associated with the ECS instance.	No.
	Maximum number of private IP addresses that a security group in a VPC can contain per Alibaba Cloud account in a region	Basic security group limit: 6,000 Note The number of used IP addresses is calculated based on the number of private IP addresses on the ENIs (including the primary and secondary ENIs of an instance) associated with a security group. This count is the sum of all IP address types, such as primary private IPv4, IPv6, secondary private IPv4, IPv4 prefixes, and IPv6 prefixes. If you have more than 6,000 private IP addresses to access each other over the internal network, add the ECS instances which use the private IP addresses, to multiple security groups, and configure security group rules to allow access between the security groups. You can view the maximum number of private IP addresses in a basic security group in a VPC in the Quota Center by using the quota ID `q_vpc-normal-security-group-ip-count`. Enterprise security group limit: 65,536 The number of used IP addresses represents the total number of ENIs associated with a security group, including both primary and secondary network interfaces of an instance.	No.
	Maximum number of ENIs (secondary ENIs) that a single Alibaba Cloud account can create in a specific region	View in the Quota Center.	Go to the Quota Center to increase the quota.
	Pay-as-you-go EIPs per account (excludes subscription EIPs)	20	Go to the Quota Center to increase the quota.
SLB limits	Number of CLB instances that can be created per Alibaba Cloud account	30	You can increase the quota using one of the following methods: Go to the Server Load Balancer Quota Management page to increase the slb_quota_instances_num quota. For more information, see Quota management. Go to Quota Center to increase the quota. For more information, see Manage CLB quotas.
	Number of backend servers that can be added to a CLB instance	200	You can increase the quota using one of the following methods: Go to the Server Load Balancer Quota Management page to increase the slb_quota_backendservers_num quota. For more information, see Quota management. Go to Quota Center to increase the quota. For more information, see Manage CLB quotas.
	Number of listeners that can be added to a CLB instance	50	You can increase the quota using one of the following methods: Go to the Server Load Balancer Quota Management page to increase the slb_quota_listeners_num quota. For more information, see Quota management. Go to Quota Center to increase the quota. For more information, see Manage CLB quotas.
Disk limits	Quota for the number of pay-as-you-go disks across all regions for a single account	View in the Quota Center.	submit a ticket to increase the quota.
Disk limits	Quota for the capacity of pay-as-you-go disks used as data disks for a single account	Depends on your ECS usage, region, and disk type. View in the Quota Center. For more information, see View or increase Elastic Block Storage quotas.	submit a ticket to increase the quota.