Basic information and changelog of Cloud Controller Manager - Container Compute Service

The Cloud Controller Manager manages load balancing services in Kubernetes clusters. This topic describes its features, usage notes, and changelog.

Component overview

The Cloud Controller Manager (CCM) component integrates Kubernetes with Alibaba Cloud infrastructure. It manages Alibaba Cloud load balancing services in ACS clusters and supports both Classic Load Balancer (CLB) and Network Load Balancer (NLB). The features are as follows:

When you set the type of a service to Type=LoadBalancer, CCM creates or configures a CLB or NLB for the service. This includes resources such as CLB or NLB instances, listeners, and backend servers.
When the backend endpoints or virtual nodes of a service change, CCM automatically updates the backend server group of the CLB or NLB.

Usage notes

For more information about how to use CCM to manage load balancing services, see the following documents:
- Before you configure load balancing, review the relevant notes. For more information, see Notes on configuring load balancing for a service.
- For more information about how to configure load balancing, see Expose an application using a service that automatically creates a load balancer and Expose an application using a service that uses an existing load balancer.
- CCM provides various annotations to support advanced load balancing features. For more information about how to use annotations, see Configure a CLB instance using annotations.
For more information about how to troubleshoot a CCM upgrade failure, see The Cloud Controller Manager (CCM) component fails the upgrade check.

Changelog

November 2025

Version

Image address

Change date

Changes

Impact

v2.12.3

registry-cn-hangzhou.ack.aliyuncs.com/acs/cloud-controller-manager:v2.12.3

November 19, 2025

This version is in grayscale release.

Optimizations:

When a CLB error occurs because the ENI corresponding to a backend pod IP address cannot be found, the new error log includes the specific pod name (targetRef) and its node information.

Bug fixes:

Fixed an issue where a panic occurred during service synchronization when a query for NLB information failed or an asynchronous task call failed.

This upgrade does not affect your services.

September 2025

Version	Image address	Change date	Changes	Impact
v2.12.1	registry-cn-hangzhou.ack.aliyuncs.com/acs/cloud-controller-manager:v2.12.1	September 11, 2025	Important Starting from this version, the default billing method for new CLB instances is changed from pay-by-specification (PayBySpec) to pay-by-LCU (PayByCLCU). Existing CLB instances are not affected. For more information about this change, see [Product Change] Announcement on Changes to Default Load Balancer Type and Billing Method for New Services and Nginx Ingress Controllers. New features: The default billing method for new CLB instances is changed from pay-by-specification to pay-by-LCU. Optimizations: Improves the processing speed and performance of CLB and NLB. When an OpenAPI call for an NLB is throttled, CCM retries the call a specific number of times after a waiting period. Optimizes metrics related to the synchronization time for services, routes, and nodes. The retry interval for `readinessGate` is changed from exponential backoff to a fixed value. Bug fixes: Fixed an issue where the backend `targetPort` could not be automatically used as the health check port when an NLB listener was configured with a port range and health checks were manually configured.	This upgrade does not affect your services.

July 2025

Version	Image address	Release date	Description	Impact
v2.11.4	registry-cn-hangzhou.ack.aliyuncs.com/acs/cloud-controller-manager:v2.11.4	2025-07-17	Fixed issue: The issue that NLB listener port ranges fail to be created when using `service.beta.kubernetes.io/alibaba-cloud-loadbalancer-listener-port-range`.	No impact on workloads.

June 2025

Version	Image address	Release date	Description	Impact
v2.11.3	registry-cn-hangzhou.ack.aliyuncs.com/acs/cloud-controller-manager:v2.11.3	2025-06-27	Improvement: When a server group is created empty, the OpenAPI call for adding servers is skipped. Fixed issue: The server addition failure that may occur when targetPort is configured with a port name and only specific pods are selected.	No impact on workloads.

May 2025

Version	Image address	Release date	Description	Impact
v2.11.2	registry-cn-hangzhou.ack.aliyuncs.com/acs/cloud-controller-manager:v2.11.2	2025-05-29	Improvement: The synchronization logic of the server group is optimized to reduce the calls to API operations.	No impact on workloads.
v2.11.1	registry-cn-hangzhou.ack.aliyuncs.com/acs/cloud-controller-manager:v2.11.1	2025-05-15	New features: Backend server weight updates can be ignored using the `service.beta.kubernetes.io/alibaba-cloud-loadbalancer-ignore-weight-update` annotation. Multiple ACL IDs and multiple access control policy groups can be configured for CLB. Listener port ranges can be configured for NLB using the `service.beta.kubernetes.io/alibaba-cloud-loadbalancer-listener-port-range` annotation. Custom NLB OpenAPI endpoints can be configured using the `NLB_ENDPOINT` environment variable. Improvements: The processing speed for node addition and route addition is optimized to reduce the number of API calls. The synchronization and listening of Services, along with server group operations, are parallelized to decrease the time taken for each Service synchronization. When creating an NLB instance by calling API operations, if the EIP instance ID or IPv4 private network address is not specified, a null pointer is passed instead of an empty string. When calling the DescribeNetworkInterfaces operation, `NextToken` is used for pagination instead of `PageSize`. Fixed issues: The issue where retries are not performed when the pod is not ready while using ReadinessGate in the service is fixed in NLB.	No impact on workloads.

January 2025

Version	Change date	Changes	Impact
v2.10.2	January 20, 2024	New features: Supports adding the `node.alibabacloud.com/spot-strategy` tag to a node to indicate whether the node is a spot instance. Optimizations: When multiple listeners of the same service are associated with the same server group, the server group is synchronized only once. Bug fixes: Fixed an issue where an SLB instance could not be created if a service of the `LoadBalancer` type was changed to another type and then changed back to the `LoadBalancer` type. Fixed an issue where a "Pod not found" error was reported when updating the readiness status of a pod. When updating the tags of an SLB instance, ignores system tags that start with `acs:`.	This upgrade does not affect your services.

December 2024

Version	Change date	Changes	Impact
v2.10.0	December 2, 2024	Important Starting from this version, changes to the value of the `service.beta.kubernetes.io/alibaba-cloud-loadbalancer-additional-resource-tags` annotation take effect on created and reused SLB instances. When you use this annotation, do not modify the tags of the SLB instance in the console. Before you upgrade to this version, make sure that the tags on the SLB instance are consistent with the annotation. New features: Supports the readinessGate feature. Supports modifying tags after an instance is created using the `service.beta.kubernetes.io/alibaba-cloud-loadbalancer-additional-resource-tags` annotation. Supports retaining an SLB instance after a service is deleted using the `service.beta.kubernetes.io/alibaba-cloud-loadbalancer-preserve-lb-on-delete` annotation. Supports adding the `node.alibabacloud.com/nodepool-id` and `node.alibabacloud.com/instance-charge-type` tags to nodes. NLB supports specifying the ALPN policy for `TCPSSL` listeners using the `service.beta.kubernetes.io/alibaba-cloud-loadbalancer-alpn` and `service.beta.kubernetes.io/alibaba-cloud-loadbalancer-alpn-policy` annotations. Optimizations: Upgrades the base image to Alpine 3.18. Optimizes log output by adding `reconcileID`. Bug fixes: Fixed an issue where a service in an NLB instance might be incorrectly taken over by the CLB controller.	This upgrade does not affect your services.

June 2024

Version	Change date	Changes	Impact
v2.8.3	June 30, 2024	New features: Supports the Addon Token authorization mode. NLB supports creating IP-based server groups using the `service.beta.kubernetes.io/alibaba-cloud-loadbalancer-server-group-type` annotation. For more information about the categories and descriptions of NLB server groups, see NLB server groups. Optimizations: The client directly accesses the API server to prevent dirty data caused by the caching mechanism. NLB: Optimizes the server group creation logic to prevent the occasional issue of duplicate server group creation. CLB: Adds IP address verification when a CLB instance attaches a pod ENI. The IP address must be within the cluster's VPC.	This upgrade does not affect your services.