How to Build a Hybrid Cloud Disaster‑Recovery System with Alibaba ACK One

Enterprises running Kubernetes clusters in an IDC often need same‑city disaster‑recovery (DR) to achieve high‑availability. Alibaba Cloud’s Distributed Cloud Container Platform ACK One provides a unified interface for traffic, application, and cluster management, enabling multi‑cluster routing and automatic smooth failover.

Key Components of ACK One

ACK One can register any Kubernetes cluster—whether on‑premises or in a public cloud—into a single management plane. It offers:

Cluster registration for unified control.

Fleet (multi‑cluster) management built on Argo CD and Open Cluster Management.

GitOps integration for continuous delivery across clusters.

Multi‑cluster gateway powered by MSE Ingress for seven‑layer traffic control, supporting HTTP routing, traffic splitting, health‑based failover, mirroring, and replica‑based load balancing.

Five‑Step Process to Build a Hybrid Cloud DR System

Register IDC or third‑party public‑cloud Kubernetes clusters using ACK One.

Establish network connectivity between the on‑premises network and the cloud VPC.

Create a Fleet and associate the registered clusters and ACK clusters.

(Optional) Deploy applications to multiple clusters via ACK One GitOps.

Enable and configure the ACK One multi‑cluster gateway to manage cross‑cluster traffic.

Detailed Steps

1. Register Clusters

In the ACK One console, create a registered cluster and import the kube‑config of the on‑premises cluster using the provided proxy‑configuration YAML. After successful import, the cluster status changes to “Running”.

2. Network Interconnectivity

Connect the IDC network to the cloud VPC (typically the same VPC as the ACK One Fleet) using a dedicated line. Follow the physical‑line connection guide, create edge routers, join the VPC to a Cloud Enterprise Network, configure BGP, and verify connectivity.

Typical steps:

Physical line to Alibaba Cloud.

Create edge router connections.

Join cloud router to VPC via Cloud Enterprise Network.

Configure BGP routing.

Test end‑to‑end connectivity.

Route IDC IP ranges to the cloud VPC.

3. Create Fleet and Associate Clusters

In the ACK One console, create a Fleet instance and add both the registered cluster and the newly created ACK cluster. The Fleet serves as the unified entry point for multi‑cluster management.

4. Deploy Applications via GitOps (Optional)

Use the ACK One GitOps feature—an Argo CD instance managed by the Fleet—to push applications to both clusters. The example deploys a web-demo application and verifies that the service name and namespace are identical across clusters.

5. Configure Multi‑Cluster Gateway

Enable the multi‑cluster gateway in the Fleet, create an MseIngressConfig to provision the gateway, and add both clusters. Then define Ingress routing rules to achieve same‑city DR. Example Ingress manifest:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: web-demo
  namespace: web-demo
spec:
  ingressClassName: mse
  rules:
  - host: example.com
    http:
      paths:
      - path: /svc1
        pathType: Exact
        backend:
          service:
            name: service1
            port:
              number: 80

After applying the Ingress, traffic is automatically routed between clusters, providing seamless failover in case of a zone outage.

Conclusion

ACK One delivers end‑to‑end multi‑cluster management: cluster registration, GitOps‑driven application delivery, and cloud‑native traffic control via the multi‑cluster gateway. In hybrid cloud scenarios, it enables serverless compute (e.g., ECI) for on‑demand scaling, reduces operational overhead, and ensures high‑availability disaster recovery across same‑city zones.