Container Service for Kubernetes (ACK) provides high-performance management services for containerized applications. You can use ACK to manage containerized applications that run on the cloud in a convenient and efficient manner. This topic describes how to use ACK and the ACK documentation, and provides answers to some frequently asked questions about ACK. This helps you quickly get started with ACK.
How to use ACK
How to use the ACK documentation
- Assign roles to your Alibaba Cloud account. For more information, see ACK default roles.
- Create a standard managed Kubernetes cluster. For more information, see Create a managed Kubernetes cluster. To create a cluster of other types, see the following topics:
- Create an ASK cluster
- Create a dedicated Kubernetes cluster
- Create a professional managed Kubernetes cluster
- Create a managed edge Kubernetes cluster
- Create a managed Kubernetes cluster with GPU-accelerated nodes and Create a dedicated Kubernetes cluster with GPU-accelerated nodes
- Create a managed Kubernetes cluster that runs sandboxed containers and Create a dedicated Kubernetes cluster that runs sandboxed containers
- Create a managed Kubernetes cluster for confidential computing
- Deploy an application by using an image or an orchestration template. For more information, see Create a stateless application by using a Deployment.Note If your application consists of containers that are created from different images, we recommend that you use a YAML file to deploy the application.
- Perform O&M operations on the cluster and the application.
Cluster O&M Application O&M Cluster management Application deployment Node maintenance Application and image updates Node pool management Application scaling
- Monitoring management
- Log management
Cluster auditing, Collect log files from containers by using Log Service, Configure Log4jAppender for Kubernetes and Log Service, Collect the logs of control plane components in a managed Kubernetes cluster, and Monitor CoreDNS and analyze the CoreDNS log.
- Cost analysis and alert management
- How do I create a Docker image that can be used to deploy applications in ACK clusters?
Container Registry allows you to create a container image in a convenient manner. For more information about how to create a Docker image, see Build an image for a Java application by using a Dockerfile with multi-stage builds. You can also use the open source tool Derrick to simplify the steps to containerize your application.
- How do I deploy applications in ACK clusters if I cannot create images?
ACK allows you to deploy applications by using your images hosted by Container Registry. You can also use Docker official images, your favorite images added from Container Registry, and public images provided by Container Registry. For more information, see Deploy a stateless application from an image.
- How do I plan the network when I create a cluster?
Before you create a cluster, make sure that the CIDR block of the virtual private cloud (VPC) where you want to deploy the cluster, the Service CIDR block, and the pod CIDR block do not overlap with one another. You can select an existing VPC to deploy the cluster and use the default CIDR blocks. In some complex scenarios, you must plan the IP addresses of Elastic Compute Service (ECS) instances, pods, and Services. For more information, see Plan the network of an ACK cluster.
- How do I choose between Terway and Flannel when I create a cluster?
Flannel is a simple and stable Container Network Interface (CNI) plug-in provided by the Kubernetes community. However, Flannel provides only basic features and does not support standard Kubernetes network policies. Terway is a network plug-in developed by Alibaba Cloud. Terway supports standard Kubernetes network policies and bandwidth throttling on containers. Terway outperforms Flannel in terms of network performance. For more information, see Use the Terway plug-in.
- What do I do if I fail to create a cluster?
You can check the cluster log to locate issues and fix the issues based on the instructions provided by ACK. For more information, see Failed to create a Kubernetes cluster.
- How do I access cluster workloads over the Internet?
- How do I enable the communication among workloads in an ACK cluster?
You can use internal domain names or ClusterIP Services to enable the intercommunication of workloads in an ACK cluster.For example, Workload A and Workload B are deployed in a cluster. To allow Workload A to access Workload B, you can create a ClusterIP Service for Workload B. For more information, see Manage Services. After the ClusterIP Service is created, Workload A can access Workload B by using the following connection strings:
<The name of the ClusterIP Service>.<The namespace to which Workload B belongs>.svc.cluster.local:<Port number>
- What considerations do I take note of when I expose Services through SLB instances?
When you create a LoadBalancer Service, the cloud controller manager (CCM) automatically creates and configures an SLB instance for the Service. We recommend that you do not modify the SLB instance in the SLB console. Otherwise, access to the Service may be interrupted. For more information, see Considerations for configuring a LoadBalancer type Service.
- How do I pull private images from Container Registry?
We recommend that you use the aliyun-acr-credential-helper component. By default, aliyun-acr-credential-helper is installed in each ACK cluster. You can use this component to pull private images from Container Registry without a password. For more information, see Use the aliyun-acr-credential-helper component to pull images without a password.