Create a cluster


When you create a managed Kubernetes cluster, you only need to create worker nodes. Container Service for Kubernetes (ACK) creates and hosts the master nodes. This lets you focus on your business. This topic describes how to create a managed Kubernetes cluster in the ACK console.

Note

Starting from August 15, 2020, new clusters created on Alibaba Cloud are ACK managed clusters by default.

Prerequisites

  • No cluster exists in the workspace.

  • You have AKS administrative permissions.

  • A virtual private cloud (VPC) based workspace already exists.

  • If you are using ACK for the first time, you must grant ACK permissions to access cloud resources. For more information, see First use of Container Service for Kubernetes.

Procedure

  1. Log on to the Container Application Service console. In the navigation pane on the left, click Cluster Management.

  2. On the Cluster Details page, click Create Cluster.

  3. On the Create Cluster page, ACK automatically runs a precheck. The precheck ensures that the required products are activated and that your account balance is greater than 100 CNY. After the precheck passes, click Next.

    Note
    • If the precheck fails, resolve the identified issues. Then, click Recheck to run the precheck again.

    • The SOFAStack cluster network plugin, CCM, requires authorization to access cloud resources to provide services such as load balancing and unified traffic management. The precheck step verifies that the AliyunSofaCafeCCMRole role is in your RAM role list. If not, you must grant the role. For more information, see CCM role authorization.

  4. On the Basic Configuration page, configure the cluster and click Next.

    1. Configure the basic options for the cluster.

      Configuration item: Description

      VPC: The name of the VPC for the current workspace. This cannot be changed.

      Cluster Name: Enter a name for the cluster.

        Note: The cluster name must be 1 to 63 characters in length and can contain digits, Chinese characters, letters, or hyphens (-).

      Kubernetes Version: Select a Kubernetes version. You can select 1.16.9-aliyun.1 or 1.18.8-aliyun.1.

      Container Runtime: Supports Docker 19.03.5 and containerd 1.4.3.

    2. Configure the cluster network.

      Configuration item: Description

      vSwitch: From the list of existing vSwitches, select one to three vSwitches based on the zone.

        Note: If the vSwitch you need is not available, click the create vSwitch link to create one. For more information, see Create a vSwitch.

      Network Plugin: Select the network plugin to enable. The Terway network plugin is currently supported.

        Note: Terway is a network plugin developed by Alibaba Cloud. It assigns an Elastic Network Interface (ENI) to a container. It also supports Kubernetes Network Policy to define access policies between containers and to limit the bandwidth of a single container.

      Pod vSwitch: The vSwitch that assigns IP addresses to pods. Each Pod vSwitch corresponds to a vSwitch of a worker instance.

        Note: If the vSwitch you need is not available, click the create vSwitch link to create one. For more information, see Create a vSwitch.

      Service CIDR: Set the Service CIDR. The CIDR block cannot be the same as the CIDR block of the VPC or any existing Kubernetes cluster in the VPC. This cannot be changed after the cluster is created.

    3. Configure the advanced settings for the cluster.

      Configuration item: Description

      Configure SNAT: This cannot be changed and is selected by default. When you create a cluster, public network access is not enabled by default. If the selected VPC does not have public network access, select Configure SNAT for VPC. ACK will then create a NAT Gateway and automatically configure SNAT rules.

      Public Access: Specify whether to expose the API server using an elastic IP address (EIP). The API server provides HTTP REST interfaces for operations such as creating, updating, reading, and deleting resource objects like pods and services.

        • If you enable this option, an EIP is created and attached to an internal-facing Server Load Balancer (SLB). Port 6443 of the master node, which corresponds to the API server, is exposed. You can then connect to and operate the cluster from the public network using the kubeconfig file.

        • If you do not enable this option, no EIP is created. You can only connect to and operate the cluster from within the VPC using the kubeconfig file.

          Note: To get the kubeconfig information, go to the ACK console.

      kube-proxy Proxy Mode: Supports iptables and IPVS modes.

        • iptables: A mature and stable kube-proxy proxy mode. It uses iptables rules for service discovery and load balancing of Kubernetes services. Its performance is average and is significantly affected by scale. It is suitable for scenarios with a small number of services in the cluster.

        • IPVS: A high-performance kube-proxy proxy mode. It uses the Linux IPVS module for service discovery and load balancing of Kubernetes services. It is suitable for scenarios with many services in the cluster and high-performance requirements for load balancing.

      Cluster Deletion Protection: Prevents accidental deletion of the cluster through the console or an API. This is selected by default but can be changed.

      Deployment Unit: By default, Use default configurations is selected. If you clear this check box, you can set different deployment units for each zone. To modify a deployment unit, go to Global Settings > Workspace Details.

      Simple Log Service: Supports Create New Project and Use Existing Project.

        • Create New Project: This is selected by default. A project named k8s-log-{ClusterID} is automatically created.

          Note: ClusterID is the unique ID of the new cluster.

        • Use Existing Project: Select a project from the list of existing projects to manage the collected logs.

  5. On the Node Configuration page, configure the worker nodes and click Next.

    Configuration item: Description

    Billing Method: Supports Pay-as-you-go and Subscription billing methods for nodes. If you select Subscription, configure the following parameters.

      • Duration: You can select 1, 2, 3, or 6 months, or 1 to 5 years.

      • Auto-renewal: Specify whether to enable auto-renewal.

    Number of Nodes: The number of worker instances (ECS instances) to create.

    Instance Type: You can select multiple instance types. For more information, see Instance family.

    Selected Instance Types: Displays the selected instance types.

    System Disk: Supports ESSD cloud disk and ultra disk.

    Attach a disk: Supports ESSD cloud disk and ultra disk.

    Operating System: Supports CentOS and Alibaba Cloud Linux (Alinux) operating systems.

    Logon Password: Set the logon password for the nodes. The password must be 8 to 30 characters long and contain three of the following character types: letters, digits, and special characters.

    Confirm Password: Confirm the logon password for the nodes.

  6. On the Configuration Preview page, verify the configurations and click Submit.

    Note

    It usually takes about 10 minutes to create a multi-node Kubernetes cluster.

Results

After the cluster is created, you can view its details on the Cluster Details page.
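
The constraints stated in the procedure above (cluster name, Service CIDR, logon password) and its security-relevant switches (Public Access, Cluster Deletion Protection) can be checked against a planned configuration before the values are entered in the console. The following Python code is an added example, not part of the original page and not ACK code. The plan dictionary and its field names are hypothetical, "letters" is assumed to mean ASCII letters and "Chinese characters" the range U+4E00 to U+9FFF, and any CIDR overlap is flagged, which is stricter than the page's "cannot be the same".

```python
import ipaddress
import re

# Constructed sample plan; field names are hypothetical, not an ACK API schema.
SAMPLE_PLAN = {
    "cluster_name": "prod-集群-01",
    "vpc_cidr": "192.168.0.0/16",
    "existing_cluster_cidrs": ["172.21.0.0/20"],
    "service_cidr": "172.21.0.0/20",
    "public_access": True,
    "deletion_protection": False,
    "node_password": "Passw0rdonly",
}

# Assumption: "letters" = ASCII letters, "Chinese characters" = U+4E00..U+9FFF.
NAME_RE = re.compile(r"[0-9A-Za-z\u4e00-\u9fff-]{1,63}")


def check_plan(plan):
    """Return a list of findings for a planned cluster configuration."""
    findings = []
    if not NAME_RE.fullmatch(plan["cluster_name"]):
        findings.append("cluster_name: must be 1-63 digits, Chinese characters, letters or hyphens")

    svc = ipaddress.ip_network(plan["service_cidr"])
    taken = [plan["vpc_cidr"], *plan["existing_cluster_cidrs"]]
    for cidr in taken:
        # Stricter than the page's "cannot be the same": any overlap is flagged.
        if svc.overlaps(ipaddress.ip_network(cidr)):
            findings.append(f"service_cidr: {svc} overlaps {cidr}")

    pw = plan["node_password"]
    classes = [any(c.isalpha() for c in pw), any(c.isdigit() for c in pw),
               any(not c.isalnum() for c in pw)]
    if not (8 <= len(pw) <= 30 and all(classes)):
        findings.append("node_password: need 8-30 chars with letters, digits and special characters")

    if plan["public_access"]:
        findings.append("public_access: API server port 6443 will be reachable from the public network")
    if not plan["deletion_protection"]:
        findings.append("deletion_protection: disabled, cluster can be deleted from console or API")
    return findings


if __name__ == "__main__":
    for finding in check_plan(SAMPLE_PLAN):
        print(finding)
```

The Service CIDR finding matters most because that value cannot be changed after the cluster is created.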