2 Methods for Installing Serverless Kubernetes in Alibaba Cloud by@viachaslaumatsukevich

2 Methods for Installing Serverless Kubernetes in Alibaba Cloud

Viachaslau Matsukevich HackerNoon profile picture

Viachaslau Matsukevich

Solutions Architect with expertise in Public cloud, Kubernetes, PaaS and CI\CD

Serverless is great way to run your on-demand workload, especially if you don’t want to manage Kubernetes workers. In this article, we will explore 2 ways of installing the Alibaba Serverless Kubernetes cluster (ASK). We will deploy an application to the Kubernetes virtual node and expose it with a server load balancer and ingress.

Prerequisite: Alibaba Cloud Account

To make ASK work you need to activate the associated cloud services:

  • Elastic Container Instance After activating this service, you can deploy Serverless Kubernetes (ASK) clusters.
  • Server Load Balancer (SLB) With this service you can create SLB instances for Kubernetes clusters.
  • NAT Gateway - This service enables your cluster communication with the Internet
  • Virtual Private Cloud (VPC) - Network service
  • Log Service with Log service you can collect and query log data of managed Kubernetes components and applications. This service is optional.
  • CloudMonitor Service for monitoring nodes and applications in Alibaba Kubernetes clusters. This service is optional.
  • Object Storage Service (OSS) will allow you to store application data in OSS buckets. This service is optional.
  • Apsara File Storage NAS (NAS), Capability to store application data in NAS file systems. This service is optional.
  • Elastic Compute Service (ECS) service to run Virtual Machines for ACK clusters. (This service is optional for ASK Serverless Kubernetes)

Method 1: install with Alibaba Cloud CLI

For that method, I would suggest using Alibaba Cloud Shell. There we have Alibaba Cloud CLI already installed and configured.

Step 1: create console user

To deploy Alibaba Serverless Kubernetes with Aliyun CLI, we need to create a user with API access. Navigate to Resource Access Management to create that user.


Click on Create User and provide Logon name and Display name to the cli user and check Open API Access as shown in the screenshot below. Save the access key and the secret of the newly created user.


To provide permissions to the console user navigate to the Users, click on Add permissions.

In the appeared menu, select AdministratorAccess and click OK.

NOTE: In real life use the principle of the least privileged and grant fine-tuned permissions to the user. Without full admin permissions, you will avoid unnecessary security risks.


Step 2: configure aliyun cli

To open Cloud Shell you need to click the button in the top right corner of the Alicloud console.


In Cloud Shell, we will start by configuring aliyun cli. Provide credentials from alibaba-cli-user you created in the previous step.

aliyun configure

Expected output:


Step 3: provision ASK cluster

In Cloud Shell, we need to create an ask.json file with the parameters of the ASK cluster. It should look like this:


The following command will create an ASK cluster:

aliyun cs  POST /clusters --header "Content-Type=application/json" --body "$(cat ask.json)"

It takes about 3 minutes to create a Kubernetes cluster.

Expected command output:


Once Kubernetes cluster up and running, run the aliyun cs GET <cluster_id> command to query information about the newly created cluster.

aliyun cs GET /clusters/cb2431df0d7334eeeb2e582b18cff8539

Step 4: get kubectl access

To get cluster config run the following command:

mkdir .kube/
aliyun cs GET /k8s/cb2431df0d7334eeeb2e582b18cff8539/user_config | jq -r '.config' > $KUBECONFIG

In the ".kube" folder you can check the kubectl config:

cat .kube/config


Check virtual nodes available in the cluster with the get nodes command:

kubectl get nodes


Step 5: deploy application

Let’s provision a simple Nginx deployment to the cluster:

kubectl apply -f https://k8s.io/examples/controllers/nginx-deployment.yaml

Check that the pods are running with the get pod command:

kubectl get pod


Expose with Server Load Balancer

Now that we confirmed that the pods are running, let’s expose Nginx with Server Load Balancer. Create a svc.yml file with the following content:

apiVersion: v1
kind: Service
    service.beta.kubernetes.io/alibaba-cloud-loadbalancer-spec: slb.s1.small
  name: nginx-service
  namespace: default
  externalTrafficPolicy: Cluster
    - name: nginx-port
      port: 80
      protocol: TCP
      targetPort: 80
    app: nginx
  sessionAffinity: None
  type: LoadBalancer

Apply svc.yml file with the kubectl

kubectl apply -f svc.yaml

Get the EXTERNAL-IP value from kubectl get svc command


and paste it into a new browser tab


Method 2: deploy ASK with console UI

Let’s provision ASK cluster using just User Interface.

Search for the Serverless Container Service in Alibaba Cloud console:


Step 1: configure ASK cluster

Then, on the left panel select Clusters and click on Create Kubernetes Cluster button


On the Cluster configuration page select Serverless Kubernetesand provide the name of the cluster. Click Create VPC if you didn’t provision one beforehand. Check Expose API Server with EIP so you can get kubectl access to your cluster with cloud shell right out of the box


Step 2: configure Nginx Ingress

If you want to expose your serverless Kubernetes apps with Ingress, you need to select the Nginx Ingress button in the Component Configuration menu.

Monitoring and Logging services configurations are available in the same section as well. Additionally, you can enable the knative plugin to get the support of the open-source Kubernetes-based serverless framework.


In the Confirm Order menu, you just need to review the resources that you selected, check Terms of Service for Serverless Kubernetes , and click Create Cluster in the bottom right corner:


Cluster provisioning might take a few mins. Once ready it should look like this:


If you click on the name of the cluster you’ll see a nice dashboard with the status of the Kubernetes cluster.


Step 3: get kubectl access using UI

There are 2 ways you can get access to your cluster with kubectl.

Navigate to the Cluster Information and select Connection Information. You can copy public kubeconfig and paste it in your local Kubernetes config or alternatively you can click Open Cloud Shell which will open Cloud Shell with access to my-ask-ui cluster pre-configured already.


Deploy form the console

Since we are doing a web console run, let us create Kubernetes deployment in UI. On the left panel, navigate to the Workloads\Deployments, and on the right-hand side, click Create from YAML button.


On the appeared page, you can provide deployment configuration. Once ready - go ahead and click on Create button.


If you click on the Pods section of the left menu, you will see the Nginx pod up and running.


Step 4: expose an app in UI with Ingress

Let’s expose Nginx with Ingress using Web UI. For that, we need to create a Cluster IP service first. Go to the Services and create a new one. Add port mappings to the container for ports 443 and 80.


Proceed to the Ingress and create a new one. Provide an Ingress name, pick ports to expose, and specify Domain. In this example, I’m going to use a custom domain provided by Alibaba Cloud with serverlessnginx in front of it.


Open the URL domain that you provided in a new tab to see the standard Nginx page.


Summary: Deploy Kubernetes in Alibaba Cloud

There are a few ways we can deploy managed Serverless Kubernetes clusters in Alibaba Cloud. Using UI might be helpful to explore available customization options for the first time. However, this article demonstrates that CLI provides a repeatable faster way for provisioning ASK and deploying applications on it.


To clean up Serverless Kubernetes and dependency resources created in this lab using Alibaba CLI tool, run kubectl delete and aliyun cs DELETEcommands.

kubecetl delete -f svc.yml
kubectl delete -f https://k8s.io/examples/controllers/nginx-deployment.yaml

aliyun cs DELETE /clusters/cb2431df0d7334eeeb2e582b18cff8539

To clean up using UI, you need to navigate to the Clusters menu. On the right side, select More and click Delete.


On the pop-up screen, you can select resources that you want to retain


To delete the ASK cluster, you need to delete the Elastic Container Instances workload first since it will complain that dependencies are blocking from deleting the cluster. That includes deleting Nginx Ingress Controller deployment and completed pods.


Signup or Login to Join the Discussion


Related Stories