In modern cloud computing and containerization environments, a pod is the smallest deployable unit in Kubernetes and typically consists of one or more containers. The compute class and computing power quality of a pod significantly affect application performance and resource utilization. Alibaba Cloud Container Compute Service (ACS) provides multiple compute classes and levels of computing power quality to suit various business scenarios. This topic describes the limits and core features of ACS pods, including security isolation, CPU, memory, and GPU resource configuration, image pulling, storage, networking, and log collection.
Compute class definitions
ACS offers cost-effective CPU and GPU container compute classes. Different compute classes provide different resource allocations to suit various business scenarios.
Compute class | Label | Features |
General-Purpose (Default) | general-purpose | Meets the needs of most stateless microservice applications, Java web applications, and computing tasks. |
Performance | performance | Meets the needs of business scenarios that require higher performance, such as CPU-based AI/ML training and inference, and HPC batch processing. |
GPU | gpu | Meets the needs of heterogeneous computing scenarios such as AI and HPC, including single-card and multi-card GPU inference and GPU parallel computing. |
High-Performance Network GPU | gpu-hpn | Meets the needs of heterogeneous computing scenarios such as AI and HPC, including distributed GPU training, distributed inference, and high-performance GPU computing. |
You can specify the compute class of a pod using the `alibabacloud.com/compute-class` label. The following sample orchestrations for an Nginx application show how to specify the compute class as `general-purpose`, `gpu`, and `gpu-hpn`.
General-Purpose
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
        alibabacloud.com/compute-class: general-purpose
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
```
GPU
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
        # Specify the compute-class as gpu.
        alibabacloud.com/compute-class: "gpu"
        # Specify the GPU model series as example-model. Replace it with the actual model, such as T4.
        alibabacloud.com/gpu-model-series: "example-model"
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
        resources:
          limits:
            cpu: 4
            memory: "8Gi"
            nvidia.com/gpu: "1" # Specify the number of GPUs. Replace the resource label and quantity with the actual values.
          requests:
            cpu: 4
            memory: "8Gi"
            nvidia.com/gpu: "1" # Specify the number of GPUs. Replace the resource label and quantity with the actual values.
```
For more information about the GPU card types and specifications that ACS supports, see Accelerated compute class specifications.
High-Performance Network GPU
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
        # Specify the compute-class as gpu-hpn.
        alibabacloud.com/compute-class: "gpu-hpn"
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
        resources:
          limits:
            cpu: 4
            memory: "8Gi"
            nvidia.com/gpu: "1" # Specify the number of GPUs. Replace the resource label and quantity with the actual values.
          requests:
            cpu: 4
            memory: "8Gi"
            nvidia.com/gpu: "1" # Specify the number of GPUs. Replace the resource label and quantity with the actual values.
```
To use High-Performance Network GPUs in ACS, you must first create a GPU-HPN capacity reservation.
Computing power quality definitions
ACS offers two types of computing power quality. Different quality types provide different resource allocations to suit various business scenarios.
Computing power quality | Label | Features | Typical scenarios |
Default | default | | |
Best-Effort | best-effort | | |
You can specify the computing power quality of a pod using the `alibabacloud.com/compute-qos` label. The following sample orchestration for an Nginx application specifies the computing power quality as `default`.
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
        alibabacloud.com/compute-qos: default
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
```
The ACS computing power quality definition is different from the native Kubernetes Quality of Service (QoS) classes. The Default computing power quality corresponds to the Guaranteed QoS class in Kubernetes.
Instances with Best-Effort quality have dynamic inventory. We strongly recommend that you configure an inventory-first scheduling policy in your production environment. This policy allows the platform to automatically switch to the Default type when inventory is insufficient. For more information, see Custom resource scheduling policies.
Relationship between compute class and computing power quality
Compute class (Label) | Supported computing power quality (Label) |
General-Purpose (general-purpose) | Default (default), Best-Effort (best-effort) |
Performance (performance) | Default (default), Best-Effort (best-effort) |
GPU (gpu) | Default (default), Best-Effort (best-effort) |
High-Performance Network GPU (gpu-hpn) | Default (default) |
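The table above can be encoded as a lookup for validating a pod's labels before submission. This is a minimal sketch; the validation function is ours, not an ACS API, and it assumes the General-Purpose class and Default quality when the labels are omitted.

```python
# Supported computing power quality per compute class, per the table above.
SUPPORTED_QOS = {
    "general-purpose": {"default", "best-effort"},
    "performance": {"default", "best-effort"},
    "gpu": {"default", "best-effort"},
    "gpu-hpn": {"default"},
}

def validate_labels(labels: dict) -> bool:
    """Check that a pod's compute-class/compute-qos label pair is a supported combination."""
    compute_class = labels.get("alibabacloud.com/compute-class", "general-purpose")
    qos = labels.get("alibabacloud.com/compute-qos", "default")
    return qos in SUPPORTED_QOS.get(compute_class, set())
```

Running such a check in an admission step catches unsupported pairs, such as Best-Effort on the GPU-HPN class, before the workload is applied.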
Specify CPU vendor
The General-Purpose and Performance compute classes offer CPU computing power from two vendors: Intel and AMD.
You can specify the CPU vendor by adding the `alibabacloud.com/cpu-vendors` annotation to the pod, or by defining it in the pod template of the workload. To specify AMD CPUs, you must submit a ticket to be added to the whitelist. If you specify this annotation for compute classes other than General-Purpose and Performance, a message is returned indicating that specifying a CPU vendor is not supported. The supported values for this annotation are:
Key | Value | Description |
alibabacloud.com/cpu-vendors | intel (default) | Specifies the CPU vendor as Intel. If not specified, the default value is intel. |
| amd | Specifies the CPU vendor as AMD. |
| intel,amd | Specifies the CPU vendor as either Intel or AMD. The system selects a suitable CPU vendor based on inventory to create the instance. If you enter multiple values, you cannot specify a custom order of preference. |
After the pod is created, you can check its CPU vendor by viewing the value of the `alibabacloud.com/cpu-vendor` label in the pod's YAML file.
The following sample orchestration for an Nginx application specifies the CPU vendor as `amd`.
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
        alibabacloud.com/compute-class: general-purpose
        alibabacloud.com/compute-qos: default
      annotations:
        alibabacloud.com/cpu-vendors: amd
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
```
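The accepted annotation values can be checked with a short helper before a workload is applied. This is a sketch; the function name is ours, and the allowed vendor set comes from the table above.

```python
# CPU vendors that the alibabacloud.com/cpu-vendors annotation accepts, per the table above.
ALLOWED_VENDORS = {"intel", "amd"}

def parse_cpu_vendors(annotation: str) -> list:
    """Split a cpu-vendors annotation value and verify every vendor is supported."""
    vendors = [v.strip() for v in annotation.split(",") if v.strip()]
    if not vendors or any(v not in ALLOWED_VENDORS for v in vendors):
        raise ValueError(f"unsupported cpu-vendors value: {annotation!r}")
    return vendors
```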
Do not use ACS system labels, such as `alibabacloud.com/compute-class`, `alibabacloud.com/compute-qos`, and `alibabacloud.com/cpu-vendor`, as filter labels in a workload's `matchLabels`. These labels may be modified by the system, which can cause the controller to frequently recreate pods and affect application stability.
Core features
Feature | Description |
Security isolation | As a secure and reliable serverless container runtime environment, each ACS pod instance is completely isolated using lightweight security sandbox technology. This ensures that instances do not affect each other. Instances are also scheduled on different physical servers whenever possible to further ensure high availability. |
CPU/Memory/GPU/EphemeralStorage resource specification configuration | See the Resource specifications section below. |
Image | By default, an ACS pod pulls its container images over the VPC associated with the pod each time it starts. If the image is a public image, you must enable a NAT gateway for the VPC. We recommend storing your container images in Alibaba Cloud Container Registry (ACR) to reduce image pull time over the VPC network. For private images on ACR, ACS also provides a password-free image pull feature. |
Storage | ACS supports four types of persistent storage: disks, NAS, OSS, and CPFS. |
Network | By default, an ACS pod uses an independent pod IP address and occupies an elastic network interface (ENI) on the vSwitch. In an ACS cluster environment, pods can connect to each other directly. |
Log collection | You can configure environment variables for the pod to collect container logs. |
Resource specifications
In ACS clusters, the specifications of pods with GPU and GPU-HPN compute classes are automatically snapped upon submission. For example, pods with GPU compute classes are uniformly snapped to the Guaranteed QoS class, where Request equals Limit. When you use ACS GPU computing power elastically through other channels, such as ACK clusters or ACK One clusters, this resource specification snapping is not reflected in the pod metadata. You must ensure that the pod's QoS remains unchanged before and after submission. For example, ensure that GPU compute classes are submitted with the Guaranteed QoS class to prevent pod status update failures.
General compute classes
General-Purpose compute class
vCPU | Memory (GiB) | Memory step size (GiB) | Network bandwidth (outbound + inbound) (Gbit/s) | Storage |
0.25 | 0.5, 1, 2 | N/A | 0.08 | Storage up to 30 GiB is free. For storage exceeding 30 GiB, you are charged for the excess portion. A maximum of 512 GiB can be configured. If you need additional storage space, you can expand it by mounting a storage volume such as NAS. |
0.5 | 1 to 4 | 1 | 0.08 | |
1 | 1 to 8 | 0.1 | ||
1.5 | 2 to 12 | 1 | ||
2 | 2 to 16 | |||
2.5 | 3 to 20 | 1.5 | ||
3 | 3 to 24 | |||
3.5 | 4 to 28 | |||
4 | 4 to 32 | |||
4.5 | 5 to 36 | |||
5 | 5 to 40 | |||
5.5 | 6 to 44 | |||
6 | 6 to 48 | |||
6.5 | 7 to 52 | 2.5 | ||
7 | 7 to 56 | |||
7.5 | 8 to 60 | |||
8 | 8 to 64 | |||
8.5 | 9 to 68 | |||
9 | 9 to 72 | |||
9.5 | 10 to 76 | |||
10 | 10 to 80 | |||
10.5 | 11 to 84 | |||
11 | 11 to 88 | |||
11.5 | 12 to 92 | |||
12 | 12 to 96 | |||
12.5 | 13 to 100 | 3 | ||
13 | 13 to 104 | |||
13.5 | 14 to 108 | |||
14 | 14 to 112 | |||
14.5 | 15 to 116 | |||
15 | 15 to 120 | |||
15.5 | 16 to 124 | |||
16 | 16 to 128 | |||
24 | 24, 48, 96, 192 | N/A | 4.5 | |
32 | 32, 64, 128, 256 | N/A | 6 | |
48 | 48, 96, 192, 384 | N/A | 12.5 | |
64 | 64, 128, 256, 512 | N/A | 20 |
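For the 0.5 to 16 vCPU rows, the table follows a regular pattern: supported memory runs from the vCPU count rounded up to a whole GiB through 8× the vCPU count, in 1 GiB steps. The following sketch encodes that reading of the table; the function name is ours, and the 0.25 vCPU row and the 24+ vCPU rows with fixed memory menus are excluded.

```python
import math

def general_purpose_memory_options(vcpu: float) -> list:
    """Valid memory sizes (GiB) for General-Purpose pods with 0.5 to 16 vCPU.

    Derived from the table above: memory runs from ceil(vCPU) up to 8x vCPU
    in 1 GiB steps. The 0.25 vCPU and 24+ vCPU rows use fixed menus instead.
    """
    if not (0.5 <= vcpu <= 16) or (vcpu * 2) != int(vcpu * 2):
        raise ValueError("expected a multiple of 0.5 between 0.5 and 16")
    return list(range(math.ceil(vcpu), int(8 * vcpu) + 1))
```

For example, 1.5 vCPU yields the 2 to 12 GiB range shown in the table.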
Performance compute class
vCPU | Memory (GiB) | Memory step size (GiB) | Network bandwidth (outbound + inbound) (Gbit/s) | Storage |
0.25 | 0.5, 1, 2 | N/A | 0.1 | Storage up to 30 GiB is free. For storage exceeding 30 GiB, you are charged for the excess portion. A maximum of 512 GiB can be configured. If you need additional storage space, you can expand it by mounting a storage volume such as NAS. |
0.5 | 1 to 4 | 1 | 0.5 | |
1 | 1 to 8 | |||
1.5 | 2 to 12 | |||
2 | 2 to 16 | 1.5 | ||
2.5 | 3 to 20 | |||
3 | 3 to 24 | |||
3.5 | 4 to 28 | |||
4 | 4 to 32 | 2 | ||
4.5 | 5 to 36 | |||
5 | 5 to 40 | |||
5.5 | 6 to 44 | |||
6 | 6 to 48 | 2.5 | ||
6.5 | 7 to 52 | |||
7 | 7 to 56 | |||
7.5 | 8 to 60 | |||
8 | 8 to 64 | 3 | ||
8.5 | 9 to 68 | |||
9 | 9 to 72 | |||
9.5 | 10 to 76 | |||
10 | 10 to 80 | 3.5 | ||
10.5 | 11 to 84 | |||
11 | 11 to 88 | |||
11.5 | 12 to 92 | |||
12 | 12 to 96 | 4 | ||
12.5 | 13 to 100 | |||
13 | 13 to 104 | |||
13.5 | 14 to 108 | |||
14 | 14 to 112 | 4.5 | ||
14.5 | 15 to 116 | |||
15 | 15 to 120 | |||
15.5 | 16 to 124 | |||
16 | 16 to 128 | 6 | ||
24 | 24, 48, 96, 192 | N/A | 8 | |
32 | 32, 64, 128, 256 | N/A | 10 | |
48 | 48, 96, 192, 384 | N/A | 16 | |
64 | 64, 128, 256, 512 | N/A | 25 |
To use ACS pods with more than 16 vCPUs or 128 GiB of memory, submit a ticket to apply for a quota increase.
If you do not specify specifications, which means neither `.resources.requests` nor `.resources.limits` is set for the container, a pod defaults to 2 vCPUs and 4 GiB of memory.
ACS automatically snaps the pod specifications. It takes the maximum of the cumulative `.resources.requests` and `.resources.limits` values of the containers and snaps it to the nearest supported specification. This specification is then exposed through the `alibabacloud.com/pod-use-spec` annotation. If an upward snap occurs, ACS adjusts the containers' `.resources.requests` or `.resources.limits` to ensure that all paid resources can be used.
ACS pod specification snapping logic
For example, if the cumulative value of `.resources.requests` or `.resources.limits` is 2 vCPUs and 3.5 GiB of memory, ACS automatically snaps the pod's specifications to 2 vCPUs and 4 GiB of memory when the pod starts. The additional resources are applied to the first container, and the annotation `alibabacloud.com/pod-use-spec=2-4Gi` is added to the pod. The following sample shows the resource declaration:
```yaml
apiVersion: v1
kind: Pod
metadata:
  labels:
    app: nginx
    alibabacloud.com/compute-class: general-purpose
    alibabacloud.com/compute-qos: default
spec:
  containers:
  - name: nginx
    resources:
      requests:
        cpu: 2 # Declare 2 vCPUs
        memory: "3.5Gi" # Declare 3.5 GiB of memory
        ephemeral-storage: "30Gi" # Declare 30 GiB of storage
```
The resource declaration after snapping is as follows:
```yaml
apiVersion: v1
kind: Pod
metadata:
  annotations:
    alibabacloud.com/pod-use-spec: "2-4Gi"
  labels:
    app: nginx
    alibabacloud.com/compute-class: general-purpose
    alibabacloud.com/compute-qos: default
spec:
  containers:
  - name: nginx
    resources:
      requests:
        cpu: 2 # Declare 2 vCPUs
        memory: "4Gi" # Declare 4 GiB of memory
        ephemeral-storage: "30Gi" # Declare 30 GiB of storage
```
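The snapping behavior shown above can be modeled in a few lines. This is an illustrative sketch of the documented rules (default to 2 vCPUs and 4 GiB when nothing is declared, round up to a supported specification, expose the result through the `alibabacloud.com/pod-use-spec` annotation), not ACS's actual implementation; the 0.5 vCPU granularity assumed here is a simplification of the specification tables.

```python
import math

def snap_pod_spec(total_cpu: float, total_mem_gib: float):
    """Snap a pod's cumulative requests up to the nearest supported spec (simplified).

    If nothing is requested, the pod defaults to 2 vCPU / 4 GiB; otherwise CPU
    is rounded up to a 0.5 vCPU step and memory to a whole GiB no smaller than
    the vCPU count, mirroring the snapping example above.
    """
    if total_cpu == 0 and total_mem_gib == 0:
        cpu, mem = 2, 4  # documented default when no requests/limits are set
    else:
        cpu = max(math.ceil(total_cpu * 2) / 2, 0.25)          # assumed 0.5 vCPU granularity
        mem = max(math.ceil(total_mem_gib), math.ceil(cpu))    # whole GiB, at least ceil(vCPU)
    cpu_str = int(cpu) if cpu == int(cpu) else cpu
    return cpu, mem, {"alibabacloud.com/pod-use-spec": f"{cpu_str}-{mem}Gi"}
```

With the example above, a cumulative request of 2 vCPUs and 3.5 GiB snaps to 2 vCPUs and 4 GiB with the annotation value `2-4Gi`.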
Accelerated compute classes
ACS supports the following GPU card types. The specifications vary by card type. For details about the relationships between specifications, submit a ticket.
GU8TF
GPU (cards) | vCPU | Memory (GiB) | Memory step size (GiB) | Storage (GiB) |
1 (96 GB GPU memory) | 2 | 2 to 16 | 1 | 30 to 256 |
4 | 4 to 32 | 1 | ||
6 | 6 to 48 | 1 | ||
8 | 8 to 64 | 1 | ||
10 | 10 to 80 | 1 | ||
12 | 12 to 96 | 1 | ||
14 | 14 to 112 | 1 | ||
16 | 16 to 128 | 1 | ||
22 | 22, 32, 64, 128 | N/A | ||
2 (96 GB × 2 GPU memory) | 16 | 16 to 128 | 1 | 30 to 512 |
32 | 32, 64, 128, 230 | N/A | ||
46 | 64, 128, 230 | N/A | ||
4 (96 GB × 4 GPU memory) | 32 | 32, 64, 128, 256 | N/A | 30 to 1024 |
64 | 64, 128, 256, 460 | N/A | ||
92 | 128, 256, 460 | N/A | ||
8 (96 GB × 8 GPU memory) | 64 | 64, 128, 256, 512 | N/A | 30 to 2048 |
128 | 128, 256, 512, 920 | N/A | ||
184 | 256, 512, 920 | N/A |
GU8TEF
GPU (cards) | vCPU | Memory (GiB) | Memory step size (GiB) | Storage (GiB) |
1 (141 GB GPU memory) | 2 | 2 to 16 | 1 | 30 to 768 |
4 | 4 to 32 | 1 | ||
6 | 6 to 48 | 1 | ||
8 | 8 to 64 | 1 | ||
10 | 10 to 80 | 1 | ||
12 | 12 to 96 | 1 | ||
14 | 14 to 112 | 1 | ||
16 | 16 to 128 | 1 | ||
22 | 22, 32, 64, 128, 225 | N/A | ||
2 (141 GB × 2 GPU memory) | 16 | 16 to 128 | 1 | 30 to 1536 |
32 | 32, 64, 128, 256 | N/A | ||
46 | 64, 128, 256, 450 | N/A | ||
4 (141 GB × 4 GPU memory) | 32 | 32, 64, 128, 256 | N/A | 30 to 3072 |
64 | 64, 128, 256, 512 | N/A | ||
92 | 128, 256, 512, 900 | N/A | ||
8 (141 GB × 8 GPU memory) | 64 | 64, 128, 256, 512 | N/A | 30 to 6144 |
128 | 128, 256, 512, 1024 | N/A | ||
184 | 256, 512, 1024, 1800 | N/A |
L20(GN8IS)
GPU (cards) | vCPU | Memory (GiB) | Memory step size (GiB) | Storage (GiB) |
1 (48 GB GPU memory) | 2 | 2 to 16 | 1 | 30 to 256 |
4 | 4 to 32 | 1 | ||
6 | 6 to 48 | 1 | ||
8 | 8 to 64 | 1 | ||
10 | 10 to 80 | 1 | ||
12 | 12 to 96 | 1 | ||
14 | 14 to 112 | 1 | ||
16 | 16 to 120 | 1 | ||
2 (48 GB × 2 GPU memory) | 16 | 16 to 128 | 1 | 30 to 512 |
32 | 32, 64, 128, 230 | N/A | ||
4 (48 GB × 4 GPU memory) | 32 | 32, 64, 128, 256 | N/A | 30 to 1024 |
64 | 64, 128, 256, 460 | N/A | ||
8 (48 GB × 8 GPU memory) | 64 | 64, 128, 256, 512 | N/A | 30 to 2048 |
128 | 128, 256, 512, 920 | N/A |
L20X (GX8SF)
GPU (cards) | vCPU | Memory (GiB) | Memory step size (GiB) | Storage (GiB) |
8 (141 GB × 8 GPU memory) | 184 | 1800 | N/A | 30 to 6144 |
P16EN
GPU (cards) | vCPU | Memory (GiB) | Memory step size (GiB) | Storage (GiB) |
1 (96 GB GPU memory) | 2 | 2 to 16 | 1 | 30 to 384 |
4 | 4 to 32 | 1 | ||
6 | 6 to 48 | 1 | ||
8 | 8 to 64 | 1 | ||
10 | 10 to 80 | 1 | ||
2 (96 GB × 2 GPU memory) | 4 | 4 to 32 | 1 | 30 to 768 |
6 | 6 to 48 | 1 | ||
8 | 8 to 64 | 1 | ||
16 | 16 to 128 | 1 | ||
22 | 32, 64, 128, 225 | N/A | ||
4 (96 GB × 4 GPU memory) | 8 | 8 to 64 | 1 | 30 to 1536 |
16 | 16 to 128 | 1 | ||
32 | 32, 64, 128, 256 | N/A | ||
46 | 64, 128, 256, 450 | N/A | ||
8 (96 GB × 8 GPU memory) | 16 | 16 to 128 | 1 | 30 to 3072 |
32 | 32, 64, 128, 256 | N/A | ||
64 | 64, 128, 256, 512 | N/A | ||
92 | 128, 256, 512, 900 | N/A | ||
16 (96 GB × 16 GPU memory) | 32 | 32, 64, 128, 256 | N/A | 30 to 6144 |
64 | 64, 128, 256, 512 | N/A | ||
128 | 128, 256, 512, 1024 | N/A | ||
184 | 256, 512, 1024, 1800 | N/A |
G49E
GPU (cards) | vCPU | Memory (GiB) | Memory step size (GiB) | Storage (GiB) |
1 (48 GB GPU memory) | 2 | 2 to 16 | 1 | 30 to 256 |
4 | 4 to 32 | 1 | ||
6 | 6 to 48 | 1 | ||
8 | 8 to 64 | 1 | ||
10 | 10 to 80 | 1 | ||
12 | 12 to 96 | 1 | ||
14 | 14 to 112 | 1 | ||
16 | 16 to 120 | 1 | ||
2 (48 GB × 2 GPU memory) | 16 | 16 to 128 | 1 | 30 to 512 |
32 | 32, 64, 128, 230 | N/A | ||
4 (48 GB × 4 GPU memory) | 32 | 32, 64, 128, 256 | N/A | 30 to 1024 |
64 | 64, 128, 256, 460 | N/A | ||
8 (48 GB × 8 GPU memory) | 64 | 64, 128, 256, 512 | N/A | 30 to 2048 |
128 | 128, 256, 512, 920 | N/A |
T4
GPU (cards) | vCPU | Memory (GiB) | Memory step size (GiB) | Storage (GiB) |
1 (16 GB GPU memory) | 2 | 2 to 8 | 1 | 30 to 1536 |
4 | 4 to 16 | 1 | ||
6 | 6 to 24 | 1 | ||
8 | 8 to 32 | 1 | ||
10 | 10 to 40 | 1 | ||
12 | 12 to 48 | 1 | ||
14 | 14 to 56 | 1 | ||
16 | 16 to 64 | 1 | ||
24 | 24, 48, 90 | N/A | 30 to 1536 | |
2 (16 GB × 2 GPU memory) | 16 | 16 to 64 | 1 | |
24 | 24, 48, 96 | N/A | ||
32 | 32, 64, 128 | N/A | ||
48 | 48, 96, 180 | N/A |
A10
GPU (cards) | vCPU | Memory (GiB) | Memory step size (GiB) | Storage (GiB) |
1 (24 GB GPU memory) | 2 | 2 to 8 | 1 | 30 to 256 |
4 | 4 to 16 | 1 | ||
6 | 6 to 24 | 1 | ||
8 | 8 to 32 | 1 | ||
10 | 10 to 40 | 1 | ||
12 | 12 to 48 | 1 | ||
14 | 14 to 56 | 1 | ||
16 | 16 to 60 | 1 | ||
2 (24 GB × 2 GPU memory) | 16 | 16 to 64 | 1 | 30 to 512 |
32 | 32, 64, 120 | N/A | ||
4 (24 GB × 4 GPU memory) | 32 | 32, 64, 128 | N/A | 30 to 1024 |
64 | 64, 128, 240 | N/A | ||
8 (24 GB × 8 GPU memory) | 64 | 64, 128, 256 | N/A | 30 to 2048 |
128 | 128, 256, 480 | N/A |
G59
GPU (cards) | vCPU | Memory (GiB) | Memory step size (GiB) | Storage (GiB) | Network |
1 (32 GB GPU memory) | 2 | 2 to 16 | 1 | 30 to 256 | 1 Gbit/s per vCPU |
4 | 4 to 32 | 1 | |||
6 | 6 to 48 | 1 | |||
8 | 8 to 64 | 1 | |||
10 | 10 to 80 | 1 | |||
12 | 12 to 96 | 1 | |||
14 | 14 to 112 | 1 | |||
16 | 16 to 128 | 1 | |||
22 | 22, 32, 64, 128 | N/A | |||
2 (32 GB × 2 GPU memory) | 16 | 16 to 128 | 1 | 30 to 512 | |
32 | 32, 64, 128, 256 | N/A | |||
46 | 64, 128, 256, 360 | N/A | |||
4 (32 GB × 4 GPU memory) | 32 | 32, 64, 128, 256 | N/A | 30 to 1024 | |
64 | 64, 128, 256, 512 | N/A | |||
92 | 128, 256, 512, 720 | N/A | |||
8 (32 GB × 8 GPU memory) | 64 | 64, 128, 256, 512 | N/A | 30 to 2048 | |
128 | 128, 256, 512, 1024 | N/A | 100 Gbit/s | ||
184 | 256, 512, 1024, 1440 | N/A |
All the card types listed above share the same specifications for scenarios such as pay-as-you-go, capacity reservation, and Best-Effort. Note the following:
For specifications with 16 GiB of memory or less, the memory overhead is covered by ACS. For specifications with more than 16 GiB of memory, the memory overhead is allocated to the corresponding pod. Make sure to reserve sufficient resources for your application to ensure its stable operation.
System disks with a capacity of 30 GiB or less are free of charge, including the image size. For system disks that exceed 30 GiB, you are charged for the excess portion.
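The billing rule above reduces to charging for the portion above the free 30 GiB, subject to a maximum. A minimal sketch, assuming the General-Purpose 512 GiB cap as the default; the actual maximum varies by compute class and GPU card type, as the tables above show.

```python
def billable_storage_gib(requested_gib: float, free_gib: float = 30, max_gib: float = 512) -> float:
    """GiB of storage you pay for: the portion above the free 30 GiB allowance."""
    if requested_gib > max_gib:
        raise ValueError(f"requested storage exceeds the {max_gib} GiB maximum")
    return max(0.0, requested_gib - free_gib)
```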
Automatic specification snapping
If you do not specify specifications, a GPU container pod is created with the minimum specification for the GPU type, for example, 2 vCPUs, 2 GiB of memory, and one GPU card, as shown in the tables above.
ACS automatically snaps unsupported specifications. After snapping, the container's `.resources.requests` does not change, but the pod specification is exposed through the `alibabacloud.com/pod-use-spec` annotation. When the resource limit specified for a container (`resources.limits`) exceeds the pod's specification, ACS sets the container's resource limit to the pod's specification.
CPU and memory snapping logic: If the total resources of all containers add up to 2 vCPUs and 3.5 GiB of memory, ACS automatically snaps the pod to 2 vCPUs and 4 GiB of memory. The additional resources are applied to the first container, and the pod exposes the annotation `alibabacloud.com/pod-use-spec=2-4Gi`. If a single container in the pod specifies a resource limit of 3 vCPUs and 5 GiB of memory, the container's resource limit is set to 2 vCPUs and 5 GiB.
GPU snapping logic: If the number of GPUs requested by the pod is not listed in the tables, the pod submission fails.
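The two rules above can be sketched as follows. This is illustrative only: the supported GPU counts shown are taken from the GU8TF table and vary by card type, and both function names are ours.

```python
SUPPORTED_GPU_COUNTS = {1, 2, 4, 8}  # per the GU8TF table above; varies by card type

def validate_gpu_count(requested: int) -> int:
    """GPU snapping: an unsupported GPU count causes the pod submission to fail."""
    if requested not in SUPPORTED_GPU_COUNTS:
        raise ValueError(f"unsupported GPU count: {requested}")
    return requested

def clamp_limit(container_limit: float, pod_spec: float) -> float:
    """A container limit that exceeds the pod specification is lowered to it."""
    return min(container_limit, pod_spec)
```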
GPU-HPN compute class
For the GPU-HPN compute class, ACS sets the resource limit equal to the resource request. The pod's resource specifications are also constrained by the node capacity. If the requested specifications exceed the node capacity, the pod enters a pending state due to insufficient resources. For specific node specifications, see the purchase documentation.
Kubernetes application limits
ACS seamlessly integrates with Kubernetes through virtual nodes. Therefore, ACS pods do not run on a single physical node but are distributed across the Alibaba Cloud resource pool. Due to the security of the public cloud and the limitations of virtual nodes, ACS does not support some Kubernetes features, such as HostPath and DaemonSet. The following table describes these limits in detail.
Limit | Description | Handling policy for validation failure | Recommended alternative |
DaemonSet | Limits the use of DaemonSet workloads. | The pod runs but does not function as expected. | Deploy multiple containers in a pod as sidecars. |
Service of type=NodePort | This service type maps host ports to containers. | The submission is rejected. | Use a Server Load Balancer (SLB) service instead. |
HostNetwork | This setting lets a pod use the host's network namespace. | The value is rewritten to `false`. | Not required. |
HostIPC | This setting lets container processes share the host's IPC namespace. | The value is rewritten to `false`. | Not required. |
HostPID | This setting gives the container visibility into the host's process ID (PID) space. | The value is rewritten to `false`. | Not required. |
HostUsers | This setting controls whether the pod uses the host's user namespace. | The value is rewritten to an empty value. | Not required. |
DNSPolicy | Restricts the use of certain DNSPolicy values. | | Use an allowed value. |
Port usage
The following table lists the ports that are reserved by ACS. Avoid using these ports when you deploy services.
Port | Description |
111, 10250, 10255 | Ports used by the ACS cluster for interfaces such as exec, logs, and metrics. |
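A deployment pipeline can guard against these reserved ports with a simple check; the helper below is hypothetical, with the reserved set taken from the table above.

```python
ACS_RESERVED_PORTS = {111, 10250, 10255}  # reserved by the ACS cluster, per the table above

def check_service_port(port: int) -> int:
    """Reject ports that ACS reserves for interfaces such as exec, logs, and metrics."""
    if port in ACS_RESERVED_PORTS:
        raise ValueError(f"port {port} is reserved by ACS")
    return port
```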