Clusters Overview

The platform supports multiple Kubernetes cluster management models depending on how the underlying infrastructure is provisioned and how the control plane is deployed.

Platform-Provisioned Infrastructure

Description:

In this model, the platform provisions both the machines and the node operating systems. All nodes use an Immutable OS, which ensures a consistent, declarative, and easily recoverable infrastructure state. This model provides full automation across the entire cluster lifecycle — from provisioning to scaling and upgrades.

Examples of Immutable OS:

Common Immutable OS examples include Fedora CoreOS, Flatcar Linux, and openSUSE MicroOS. Currently, the platform supports MicroOS for immutable node management.

Responsibilities:

| Component | Managed by |
|---|---|
| Machines / Nodes | Platform |
| Node OS | Platform (Immutable OS only) |
| Kubernetes | Platform |

User-Provisioned Infrastructure

Description:

In this model, the user provides pre-provisioned physical or virtual machines. The platform installs and manages Kubernetes on these nodes, while node OS management — including provisioning, patching, or replacement — remains under the user's control.

This model is designed for organizations that already have established procedures or automation tools for managing their infrastructure or operating systems.

Responsibilities:

| Component | Managed by |
|---|---|
| Machines / Nodes | User |
| Node OS | User |
| Kubernetes | Platform |

Connected Clusters

The platform also supports connecting and managing existing Kubernetes clusters, whether they are public cloud clusters or CNCF-compliant Kubernetes distributions.

Public Cloud Kubernetes

  • Connects to managed Kubernetes services such as EKS, AKS, and GKE through cloud-specific providers (e.g., Alauda Container Platform EKS Provider).
  • Cloud credentials can be securely stored in the platform.
  • Enables creation and management of public cloud clusters directly from the platform.

CNCF-Compliant Kubernetes

Tunnel-Based Connectivity

  • When the Global cluster cannot directly access a Workload cluster, a Tunnel Server (global side) and Tunnel Agent (workload side) establish secure communication.
  • Suitable for disconnected or restricted network environments.

Choosing the Right Model

| Scenario | Infra Provisioned By | Node OS Managed By | Kubernetes Managed By | Automation Level |
|---|---|---|---|---|
| Platform-provisioned Infrastructure | Platform | Platform (Immutable OS only) | Platform | Full |
| User-provisioned Infrastructure | User | User | Platform | Partial |
| Connected Cluster (Cloud or CNCF) | External Provider | External Provider | Partial / External | Minimal |