Quotas and limits on ACK - Container Service for Kubernetes

This topic describes the quotas and limits on using Container Service for Kubernetes (ACK), including cloud service and cluster configuration limits, individual cluster capacity limits, cluster quotas, and dependent cloud service quotas.

Limits

Cloud service and cluster configuration limits

Before you activate ACK and when you use ACK clusters, take note of the following limits.Container Service for Kubernetes

Limit	Description
Account authentication	You need to complete real-name verification and activate ACK before you can create ACK clusters. For more information, see Quick start for first-time users.
Cluster configurations	After you create an ACK cluster, you cannot modify the following cluster configurations. You cannot change the virtual private cloud (VPC) of the cluster. You cannot change the cluster type. For example, you cannot directly change the cluster type from ACK dedicated cluster to ACK managed cluster. Hot migration from ACK basic clusters to ACK Pro clusters is supported. You cannot change the cluster edition. For example, you cannot change the cluster edition from ACK Pro cluster to ACK Basic cluster. Hot migration from ACK basic clusters to ACK Pro clusters is supported. You cannot switch between the Terway and Flannel network plug-ins.
ECS instance (node instance) configurations	The pay-as-you-go and subscription billing methods are supported. You can change the billing method from pay-as-you-go to subscription in the Elastic Compute Service (ECS) console. For more information, see Change the billing method. Due to the quota and stock limits of the dependent cloud services such as ECS, ACK may succeed to create only partial nodes when creating or scaling out a cluster. If you set Billing Method to Subscription when you create a cluster, the cluster nodes may not reach the expected number due to the quota and stock limits of ECS. We recommend that you set Billing Method to Pay-As-You-Go when you create the cluster. After the cluster is created, log on to the ECS console and change the billing method to subscription. For more information, see Change the billing method of an instance from pay-as-you-go to subscription. You can also create subscription ECS instances in the ECS console and then add the instances to the node pool of the cluster. For more information about the procedure and usage notes, see Add existing ECS instances to an ACK cluster. The node specifications must be 4 vCPUs and 8 GB of memory or higher. For more information, see Suggestions on choosing ECS specifications for ACK clusters.
Access to control plane components	When you use the API or CLI to access a control plane component, such as the API server or etcd, to query large numbers of cluster events, traffic throttling may be triggered due to the bandwidth limit. As a result, the query operation may fail. We recommend that you query cluster events by using the event center. You can also add pagination parameters, such as `--chunk-size=500`, to the API request or command lines to reduce the number of events to be returned per request. For more information, see Scenario 1: Use node-problem-detector with the Kubernetes event center of Log Service to sink cluster events. If traffic throttling is frequently triggered in an ACK Basic cluster, we recommend that you migrate your applications to an ACK Pro cluster. For more information, see Hot migration from ACK basic clusters to ACK Pro clusters.

Individual cluster capacity limit

ACK Pro clusters and ACK Basic clusters are applicable to different scenarios. Therefore, the cluster capacities are also different.

ACK Pro clusters: We recommend that you use this type of cluster in enterprise production environments.
Note
If an ACK Pro cluster uses Terway and has IPVLAN enabled, you can add less than 5,000 nodes to the cluster and create at most 50,000 pods. You can create at most 64,000 mappings between Services and pods.
ACK Basic clusters: This type of cluster is only for individual testing or learning.

The following table describes the capacities of different resources in an ACK cluster.

Resource	ACK Pro cluster	ACK Basic cluster
etcd storage	8 GB	2 GB
Maximum etcd storage for each type of objects	800 MB	200 MB
Nodes	The default is 5,000 and the maximum is 15,000	10
Pods	150,000	300
ConfigMaps	30,000	300
Secrets	30,000	300
PVCs	100,000	1,000
PVs	100,000	1,000
Services	10,000	100
CRDs	100,000	1,000

Quotas

Cluster quotas

Note

The following table describes the default values of different cluster quotas. You can view the adjustable quotas and their maximum values in the Quota Center console and apply for quota increases.

Cluster type		Maximum number of clusters within an Alibaba Cloud account	Maximum number of node pools in a cluster^①	Maximum number of nodes in a cluster	Maximum number of pods on a node^②	How to apply for a quota increase
ACK managed cluster	Basic	2	10	10	If the network plug-in is Flannel: 256. If the network plug-in is Terway: It depends on the node specifications.	Not adjustable
ACK managed cluster	Pro	100	100	If the network plug-in is Flannel: The default is 200 and the maximum is 1000. If the network plug-in is Terway: The default is 5,000 and the maximum is 15,000.		log on to the Quota Center console and submit an application
ACK dedicated cluster		5	100			log on to the Quota Center console and submit an application
ACK Serverless cluster	Basic	2	N/A	N/A	1,000^③	log on to the Quota Center console and submit an application
ACK Serverless cluster	Pro	100	N/A	N/A	The maximum is 50,000. Important We recommend that you keep the number of pods under 20,000 if a large number of pods are associated with the Service.	log on to the Quota Center console and submit an application
ACK Edge cluster	Basic	2	10	10	256	Not adjustable
ACK Edge cluster	Pro	100	100	1,000	256	log on to the Quota Center console and submit an application
Registered cluster		5	100	N/A	256	log on to the Quota Center console and submit an application

①: For the new quota on the maximum number of node pools per cluster to take effect, you must also increase the quota on scaling groups. To do this, log on to the Quota Center console and apply for a quota increase.
②: The maximum number of pods on a node
- The maximum number of pods on a node depends on the cluster network plug-in.
  - Flannel: The maximum number of pods on a node depends on the cluster CIDR block that you specified when you create the cluster. Refer to the preceding table for the quota limit. However, the quota is not adjustable in this scenario.
  - Terway: The maximum number of pods on a node depends on the number of elastic network interfaces (ENIs) supported by the corresponding ECS instance type. We recommend that you choose the latest ECS instance types and ECS instance types with high specifications.
- The quota on the maximum number of pods per node is subject to a worker node. The quota on the maximum number of pods per cluster is subject to an ACK cluster. You can add nodes to an ACK cluster to increase the pod quota. However, when the cluster size grows, the availability and performance of the cluster may be compromised. We recommend that you decide the cluster size properly. For more information, see Suggestions on using large ACK Pro clusters.
③: ACK Serverless clusters does not have physical nodes. This quota specifies the maximum number of pods that can run in an ACK Serverless cluster.

Dependent cloud service quotas

Cloud service	Quota	Default value	How to apply for a quota increase
ECS	Maximum number of Resource Orchestration Service (ROS) templates	100	submit a ticket
	Maximum number of vCPUs of all pay-as-you-go instances	500	submit a ticket
	High-specification pay-as-you-go instances (equipped with more than 16 vCPUs)	Only pay-as-you-go instances with less than 16 vCPUs can be purchased	submit a ticket
	Maximum number vCPUs of all preemptible instances	800	submit a ticket
	Change the billing method from pay-as-you-go to subscription	The following instance types (or families) are not supported: t1, s1, s2, s3, c1, c2, m1, m2, n1, n2, and e3	submit a ticket
	Maximum number of ECS instances in a scaling group	2,000	log on to the Quota Center console and submit an application
	OS	Nodes that run the following operating systems can be added to an ACK cluster: Alibaba Cloud Linux CentOS 7.x Note CentOS 8.x and later are not supported. Windows Server 2019 and Windows Server version 1809 and later.	N/A
Networking	Maximum number of custom route entries in a route table	200	log on to the Quota Center console and submit an application
	Maximum number of vSwitches in a VPC	150	log on to the Quota Center console and submit an application
	Maximum number of VPCs within an Alibaba Cloud account	10	log on to the Quota Center console and submit an application
	Maximum number of private IP addresses in a VPC	65,535	N/A
	Maximum number of IP addresses that can be added to a basic security group	2,000	N/A
	Maximum number of ENIs within an Alibaba Cloud account	50,000	N/A
	Maximum number of elastic IP addresses (EIPs) within an Alibaba Cloud account	20	log on to the Quota Center console and submit an application
Load balancing	Maximum number of SLB instances within an Alibaba Cloud account	60	log on to the Quota Center console and submit an application
	Maximum number of backend servers that can be attached to an SLB instance	200	N/A
	Maximum number of listeners that can be added to an SLB instance	50	log on to the Quota Center console and submit an application
	Maximum number of times that an ECS instance can be repeatedly added to SLB instances as a backend server	50	N/A
Elastic Block Storage (EBS)	Maximum number of pay-as-you-go disks in all regions within an Alibaba Cloud account	This quota is five times the number of ECS instances across all regions within an Alibaba Cloud account. However, Alibaba Cloud allows you to create at least 10 pay-as-you-go disks in all regions within an Alibaba Cloud account.	submit a ticket
Elastic Block Storage (EBS)	Total capacity of all pay-as-you-go disks that are used as data disks within an Alibaba Cloud account	This quota is subject to the number of ECS instances within the account, regions in which the ECS instances reside, and disk types that the ECS instances use. You can go to the Privileges page in the ECS console to view details. For more information, see View and increase instance quotas.	submit a ticket

References

When you use different types of ACK clusters, you need to pay close attention to the usage notes and instructions on high-risk operations for different modules. Otherwise, your businesses may be interrupted.Container Service for Kubernetes For more information, see Usage notes and instructions on high-risk operations.
When you use ACK managed clusters and ACK dedicated clusters, you must configure the clusters, workloads, and components properly to ensure the stability and reliability of applications in the clusters. For more information, see Recommended configurations for high reliability.