How CNStack Enables Full Lifecycle Management of Cloud Services and Components

Introduction

CNStack 2.0 is Alibaba Cloud’s open, shared, and standardized cloud‑native ecosystem that helps enterprises build and manage cloud‑native applications more easily. It defines “cloud services” and “cloud components” as the core building blocks and supplies a toolchain for extending platform capabilities.

Cloud Service & Cloud Component Overview

CNStack currently offers services such as multi‑cluster management, distributed application management, distributed storage, virtualization, cloud‑edge collaboration, and service mesh. Each cloud service is composed of one or more cloud components, which are classified into four types:

Cloud Service Components – lifecycle matches the owning cloud service; further divided into control‑plane (deployed only on the primary cluster) and data‑plane (can be deployed on primary or guest clusters) components.

Cluster Components – maintained by a cluster administrator and unique within the cluster scope.

Project Components – deployed in a project namespace and managed by the project owner.

cn‑app‑operator: Full Lifecycle Management

The cn‑app‑operator uses Kubernetes CRDs to manage cloud services and components. Users submit a service/component definition, and the operator automatically drives the desired state through Helm actions (install, upgrade, rollback) and tracks history via Kubernetes ControllerRevision. Key functions include:

Automatic convergence to the declared final state.

Creation of cloud components from service declarations, with configuration overrides merged automatically.

Independent lifecycle for cluster components (install if absent, upgrade on newer version).

Label‑based workload tracking and status aggregation.

High scalability via extensible deployment adapters, supporting multi‑cluster and edge scenarios through OCM (Open Cluster Management).

Sealer: Build, Share, Run

Sealer, a CNCF‑graduated PaaS project, packages a cloud service or component (including definitions, assets, cn‑app‑operator, and all container images) into a Sealer Image that follows the OCI spec. The image can be stored in any Docker/OCI registry and deployed with a single sealer run command, enabling one‑click installation of the entire CNStack stack.

Ability Center White‑Screen Management

The CNStack Ability Center provides a UI‑driven “white‑screen” experience for importing Sealer Images or Helm charts, performing deployment, upgrade, configuration changes, and uninstall. It also automatically handles:

Label synchronization for multi‑cluster deployment based on ClusterLabelSelector.

Log collection from component pods without extra configuration.

Simple monitoring and alert integration (detailed guides forthcoming).

Future plans include online marketplace integration for one‑click installation in air‑gapped environments.

Summary

By combining Sealer, cn‑app‑operator, and the Ability Center, CNStack delivers a comprehensive, open‑source cloud‑native platform that streamlines service/component definition, lifecycle management, packaging, and operation, while reducing operational overhead and enabling seamless integration with UI frameworks, IAM, and other foundational capabilities.