ACK cluster overview


Container Service for Kubernetes offers various types of clusters. These clusters have different features, operational requirements, and compensation standards, and are suitable for different scenarios. You can refer to the comparison in this topic to select the cluster type that suits your business.

Cluster types

Container Service for Kubernetes supports two cluster types, distinguished by whether Alibaba Cloud manages the control plane:

  • ACK managed cluster: Alibaba Cloud fully manages the control plane of a managed cluster. ACK managed clusters are available in two editions: ACK managed Pro cluster and ACK managed Basic cluster. They differ in control plane availability and advanced customization features.

  • ACK dedicated cluster: You are responsible for creating and maintaining the control plane of a dedicated cluster.

    Important

    You can no longer create new ACK dedicated clusters. For more information, see [Product Announcement] Creation of new ACK dedicated clusters is discontinued.

The following comparison covers the different cluster types, item by item.

Cluster size

  • ACK managed Pro cluster: A single account can have up to 100 clusters. Each cluster supports up to 5,000 worker nodes by default. You can request a quota increase in the quota center.

  • ACK managed Basic cluster: A single account can have up to 2 clusters. Each cluster supports up to 10 worker nodes by default. You cannot request a quota increase.

  • ACK dedicated cluster: A single account can have up to 100 clusters. Each cluster supports up to 5,000 worker nodes by default. You can request a quota increase in the quota center.

Management scope

  • ACK managed Pro cluster: Supports enabling auto mode:

    • Enabled: Create a cluster with minimal planning and configuration. ACK fully manages the control plane and key components, and by default, creates a node pool with auto mode enabled. For more information, see Auto mode later in this topic.

    • Disabled: The cluster control plane is fully managed, and you are responsible for maintaining the worker nodes.

  • ACK managed Basic cluster: The cluster control plane is fully managed. You are responsible for maintaining the worker nodes.

  • ACK dedicated cluster: The cluster control plane is not managed. You are responsible for maintaining both the master nodes and worker nodes.

Use cases

  • ACK managed Pro cluster:

    • Enterprise production and testing environments.

    • Scenarios that require cost reduction.

    • Scenarios where you want to focus on business applications and reduce cluster O&M.

  • ACK managed Basic cluster: Small-scale clusters that are suitable for individual learning and testing.

  • ACK dedicated cluster:

    • Scenarios that are less cost-sensitive and where you have the Kubernetes expertise to plan, manage, and maintain clusters independently.

    • Scenarios that require research and deep customization of Kubernetes, such as customizing the cluster control plane (master nodes).

Billing

  • ACK managed Pro cluster: You are charged cluster management fees based on the number of clusters. You are also charged for other Alibaba Cloud products used by worker nodes and some components, such as Simple Log Service (SLS).

    Note

    ACK managed Pro clusters support resource plans. For more information, see Cluster management fees.

  • ACK managed Basic cluster: No cluster management fees are charged. However, you are charged for other Alibaba Cloud products used by worker nodes and some components, such as Simple Log Service (SLS).

  • ACK dedicated cluster: No cluster management fees are charged. You are charged for other Alibaba Cloud products used by master nodes, worker nodes, and some components, such as Simple Log Service (SLS).

SLA

Provides a Service Level Agreement (SLA) of 99.95% service availability for regional clusters and 99.50% for zonal clusters. For more information, see Alibaba Cloud Container Service for Kubernetes Service Level Agreement.

No SLA is provided.

ACK managed Pro cluster capabilities

The following table compares the capabilities of ACK managed Pro clusters and ACK managed Basic clusters.

Note

In the following table, Yes indicates that a feature is supported, and No indicates that a feature is not supported.

| Feature | ACK managed Pro cluster | ACK managed Basic cluster |
| --- | --- | --- |
| Customize control plane component parameters | Yes | No |
| API server metrics | Yes | No |
| High-frequency hot and cold backup and geo-disaster recovery for etcd | Yes | No |
| etcd observability metrics | Yes | No |
| Gang scheduling policy | Yes | No |
| Enable CPU topology-aware scheduling | Yes | No |
| GPU topology-aware scheduling | Yes | No |
| Advanced scheduling for GPU sharing | Yes | No |
| Envelope encryption for Secrets by using KMS | Yes | No |
| Managed node pools | Yes | Yes |

Hot migration

Both ACK managed Basic clusters and ACK dedicated clusters support hot migration to ACK managed Pro clusters. For more information, see the following topics:

Auto mode

When you create an ACK managed cluster, enabling auto mode allows you to quickly create a Kubernetes cluster that follows best practices with minimal network planning and configuration. Key features include:

  • Fully managed operations: ACK fully manages the cluster control plane and key components. By default, an auto mode node pool is created. The node pool automatically scales based on the workload. ACK also handles O&M tasks like OS version upgrades, software version upgrades, and security vulnerability patching.

  • Intelligent resource provisioning: The system automatically recommends optimal instance types, requiring no manual configuration.

  • Optimized base software stack: The immutable ContainerOS root file system enhances security. A streamlined system and configuration accelerate node startup, and an optimized kernel maximizes hardware performance.

Auto mode is ideal for the following scenarios:

  • Dynamic resource elasticity: In scenarios where workload demands fluctuate significantly, auto mode can rapidly respond to changes by automatically scaling computing resources. This reduces cluster resource costs.

  • DevOps and CI/CD pipelines: In continuous integration and continuous deployment (CI/CD) environments, auto mode can automatically adjust resources based on build and testing requirements, which improves development efficiency and reduces costs.

Auto mode is designed with the concepts of elastic capacity, immutable infrastructure, and maintenance-free operations. For workloads highly dependent on node environment customization and node-local persistent storage, you should perform a comprehensive application assessment to identify potential compatibility risks before migration.

Important

Auto mode is designed to provide automated and intelligent O&M for Kubernetes clusters. However, you are still responsible for certain tasks in specific scenarios. For more information, see the shared responsibility model.

Product features

Feature

Description

Cluster management

  • Cluster creation: You can create various types of clusters, select from a wide range of worker nodes, and apply flexible custom configurations. For more information, see Create an ACK managed cluster and Create an ACK dedicated cluster (Discontinued).

  • Cluster upgrades: You can automatically or manually upgrade the Kubernetes version of a cluster and centrally manage system component upgrades. For more information, see Manually upgrade a cluster and Automatically upgrade a cluster.

  • Auto scaling: Vertically scale resources with one click in the console to quickly respond to business fluctuations. It also supports service-level affinity policies and horizontal scaling.

  • Scheduling: ACK supports hybrid scheduling of different elastic resources, fine-grained scheduling of heterogeneous resources, and task scheduling for batch computing to improve application performance and overall cluster resource utilization.

  • Multi-cluster management: You can connect clusters from on-premises data centers and multi-cloud, multi-region environments to achieve hybrid cloud application management.

  • Authorization management: Supports RAM authorization and RBAC permission management.

Nodes and node pools

Supports node pool lifecycle management. You can configure node pools with different specifications in the same cluster, such as vSwitches, container runtimes, operating systems, and security groups. For more information, see Nodes and Node pools.

Application management

  • Application creation: You can create various types of applications from images and templates, and configure environment variables, application health checks, data disks, and logs.

  • Application lifecycle: Manage the full lifecycle of applications, including viewing, updating, deleting, rolling back to previous versions, performing rolling updates, and redeploying.

  • Application scheduling: ACK supports three scheduling policies: node affinity, pod affinity, and pod anti-affinity.

  • Application scaling: You can manually scale application container instances and use the Horizontal Pod Autoscaler (HPA) for automatic scaling.

  • Application release: Supports canary and blue-green releases.

  • Application Catalog: You can use the Application Catalog to simplify cloud service integration.

  • Application Center: After an application is deployed, you can use the Application Center to view the application topology and centrally manage versions and rollbacks for scenarios such as continuous deployment.

  • Application backup and restore: You can back up and restore Kubernetes applications. For more information, see Back up and restore applications in a cluster.

Storage

  • Storage plug-ins: Supports Container Storage Interface (CSI) plug-ins. For more information, see Storage.

  • Volumes and claims:

    • You can create block storage, NAS, OSS, and CPFS volumes.

    • You can mount volumes by using a persistent volume claim (PVC).

    • Supports dynamic volume provisioning and migration.

    • You can view and update volumes and claims by using scripts.

Network

Auto scaling

ACK automatically adjusts elastic computing resources based on your policies. This includes:

  • Workload scaling (scheduling layer elasticity): adjusts the scheduling capacity of workloads.

  • Node scaling (resource layer elasticity): scales out nodes to increase scheduling capacity when the existing capacity is insufficient.

For more information, see Auto scaling.

Scheduling

ACK provides various scheduling policies for different workloads, such as task scheduling, QoS-aware scheduling, and rescheduling, to improve application performance and overall cluster resource utilization. For more information, see Scheduling.

O&M and security

  • Observability:

    • Monitoring: Supports monitoring at the cluster, node, application, and container instance levels, and also supports the Prometheus plug-in.

    • Logging: You can view cluster logs, collect application logs, and view container instance logs.

    • Alerting: Supports alerting for container service events and container-related metrics. For more information, see Alert management for Container Service.

  • Cluster inspection and diagnostics (AIOps):

    • Cluster check: You can run cluster checks before operations such as cluster upgrades and migrations to ensure that the cluster meets the requirements.

    • Cluster inspection: You can scan the health of a cluster to identify potential risks, such as remaining cloud resource quotas and the watermarks of key Kubernetes cluster resources. You can then troubleshoot and fix the issues based on the recommended solutions.

    • Cluster diagnostics: You can use the one-click fault diagnosis feature for nodes, pods, Services, Ingresses, memory, and networks to help you locate issues in your cluster.

  • Cost analysis: You can visualize cluster resource usage and cost distribution to improve cluster resource utilization.

  • Security Center: You can manage runtime security policies, inspect application security configurations, and monitor runtime security and alerts to enhance the defense-in-depth of your containers.

  • Security sandbox: Run applications in a lightweight virtual machine sandbox environment with an independent kernel for better security isolation. This is ideal for untrusted application isolation, fault isolation, performance isolation, and multi-tenant workload isolation.

  • Confidential computing: A comprehensive, cloud-native confidential computing platform based on Intel SGX. It protects the security, integrity, and confidentiality of data in use by allowing you to place sensitive data and code in a special trusted execution environment.

Heterogeneous resources

  • GPU: You can create clusters that use GPU-accelerated instances as worker nodes. GPU scheduling, monitoring, auto scaling, and O&M are also supported. For more information, see Add GPU nodes to a cluster.

  • GPU sharing: You can use a GPU sharing framework to run multiple containers on the same GPU-accelerated node in a cluster that is deployed on the cloud or in a data center. For more information, see GPU sharing.

  • Cloud-native AI: Provides cloud-native AI capabilities for orchestrating and managing data computing jobs. For more information, see Overview of the cloud-native AI suite.

Developer tools