BestHub
Sign in
Cloud Native 19 min read

How to Build CNStack Community Edition with ACK Distro and Sealer

This guide explains how to create a CNStack Community Edition cluster image using ACK Distro as the base, package it with Sealer, configure it via Kubefile and Clusterfile, and enable advanced features such as open‑local storage and flexible component deployment.

Alibaba Cloud Native
Alibaba Cloud Native
Alibaba Cloud Native
How to Build CNStack Community Edition with ACK Distro and Sealer

1. Building CNStack Community Edition with ACK Distro

CNStack Community Edition (CNStack CE) is a free, open‑source member of the Alibaba Cloud native Stack family. It uses ACK Distro as the Kubernetes base image and the Sealer tool to package and deliver a cluster image.

Creating the Cluster Image

The process is driven by a Kubefile that defines the base image, copies required manifests, and runs Helm commands to install components. A simplified Kubefile looks like this:

# Use ACK Distro v1.20.4-ack-2 as the base image
FROM ack-agility-registry.cn-shanghai.cr.aliyuncs.com/ecp_builder/ackdistro:v1.20.4-ack-2
COPY imageList manifests
COPY kubeadm-cluster-config.yaml.tmpl etc
# Plugin definitions for pre/post hooks
COPY plugin_localpv.yaml plugin
COPY plugin_iptables.yaml plugin
COPY plugin_clean.yaml plugin
# Component charts
COPY ../component/charts/localpv charts
COPY ../component/charts/aecp-installer-operator charts
COPY ../component/charts/aecp charts
COPY ../component/charts/cluster-addon-configuration charts
COPY ../component/clusterconfig.yaml manifests
# Deploy components via Helm
CMD helm install localpv charts/localpv
CMD helm install aecp-installer-operator charts/aecp-installer-operator
CMD helm install aecp charts/aecp
# Cluster‑level configuration commands
CMD kubectl create ns cluster-local
CMD kubectl -n kube-system scale deploy hybridnet-webhook --replicas=1
CMD kubectl -n kube-system scale deploy hybridnet-manager --replicas=1
CMD kubectl taint nodes $(hostname | tr A-Z a-z) node-role.kubernetes.io/master=:NoSchedule-
CMD kubectl label nodes $(hostname | tr A-Z a-z) lb=nginx
CMD kubectl label nodes $(hostname | tr A-Z a-z) addon-local-repo=true
# Wait for components to become ready (≈3 min in test)
CMD for i in `seq 0 1 2000`; do if kubectl get addonconfiguration 2>/dev/null; then helm install cluster-addon-configuration charts/cluster-addon-configuration && break; fi; echo "wait CRD ready ... $i out of 2000 tries" && sleep 1; done
CMD kubectl apply -f manifests/clusterconfig.yaml
# Uninstall local storage pool if not needed
CMD helm uninstall -n kube-system open-local

The Kubefile also declares three main plugin types used by CNStack CE:

Plugin hooks (pre‑init, post‑install, etc.)

Helm‑based component deployment

Cluster‑wide configuration such as node labeling

Example Plugin: Preparing Local Directories

apiVersion: sealer.aliyun.com/v1alpha1
kind: Plugin
metadata:
  name: prepare_local_dir
spec:
  type: SHELL
  action: PreInit
  data: |
    rm -rf /var/lib/cnstackce
    rm -rf /opt/aecp
    vgremove open-local-pool-0 --force || echo "No vg: open-local-pool-0 found. OK"
    mkdir -p /var/lib/cnstackce/data/storage-loki-0
    mkdir -p /var/lib/cnstackce/data/addon-package-standard-pv
    mkdir -p /var/lib/cnstackce/data/caas-api-pv
    mkdir -p /var/lib/cnstackce/data/caas-core-pv
    mkdir -p /var/lib/cnstackce/data/caas-db-caas-db-0
    mkdir -p /var/lib/cnstackce/data/grafana-pv
    mkdir -p /var/lib/cnstackce/data/prometheus-k3s-db-prometheus-k3s-0
    touch /var/lib/cnstackce/data/checker

2. Flexible Configuration with Clusterfile

After building the image, you can run it on a single‑node VM (e.g., 8 CPU / 12 GB) with a simple command:

# Download Sealer binary
wget -c "http://sealer.oss-cn-beijing.aliyuncs.com/sealers/sealer-v0.5.2-linux-amd64.tar.gz" && tar -xvf sealer-v0.5.2-linux-amd64.tar.gz -C /usr/bin
# Run the CNStack CE image
sealer run registry.cn-qingdao.aliyuncs.com/sealer-apps/cnstack-ce:1.1.0 -m `hostname -i` -p $passwd

The basic deployment provides core CNStack functionality without extra data disks. To enable the full feature set (monitoring, logging, elasticity), you can modify the Clusterfile to activate the open‑local storage plugin and adjust the StorageClass.

Enabling open‑local Storage

First, create a volume group on each node:

apiVersion: sealer.aliyun.com/v1alpha1
kind: Plugin
metadata:
  name: prepare_vg
spec:
  type: SHELL
  action: PreInit
  data: |
    VG_DEV=#DataDiskDeviceName#
    yum install lvm2 -y
    vgremove open-local-pool-0 --force || echo "no open-local-pool-0 found, volume group Cleaning OK..."
    echo "start vgcreate. device name: $VG_DEV"
    vgcreate open-local-pool-0 $VG_DEV
    if [ $? -ne 0 ]; then echo "vgcreate failed" && exit 1; fi
    echo "vg preparation done with success."

Then reinstall the open‑local chart after the base image has been deployed:

apiVersion: sealer.aliyun.com/v1alpha1
kind: Plugin
metadata:
  name: install-open-local
spec:
  type: SHELL
  action: PostInstall
  on: $MASTER_IP_1
  data: |
    helm uninstall localpv
    helm install -n kube-system open-local charts/open-local

Finally, overwrite the StorageClass used by the ACK Agile component:

apiVersion: sealer.aliyun.com/v1alpha1
kind: Config
metadata:
  name: cluster-addon-sc
spec:
  path: charts/cluster-addon-configuration/values.yaml
  data: |
    dataStorageClass: open-local-lvm

3. Advantages of Using CNStack CE on ACK Distro

CNStack CE helps users quickly set up a cloud‑native foundation that abstracts heterogeneous IaaS resources into a unified platform. It supports compute, storage, and network dimensions:

Compute : Uses the same Kubernetes component images as Alibaba Cloud ACK, ensuring compatibility and security.

Storage (open‑local) : Provides a local‑disk‑based storage pool for environments without dedicated storage solutions, while reserving resources for etcd, Docker, and kubelet.

Network (Hybridnet) : Offers overlay/underlay networking to hide underlying infrastructure or directly expose high‑performance networks.

The ACK Agile component is already tested on major public clouds (Alibaba Cloud, Huawei Cloud, Telecom Cloud, EasyStack, VMWare, ZStack) and on CentOS ECS/physical machines.

4. Product Capabilities Overview

CNStack CE bundles three major capability areas:

Application Operations : Application publishing, artifact repository integration (including Alibaba Cloud ACR).

Platform Operations : Multi‑tenant and organization management with isolation for security.

Cluster Operations : Visibility into cluster and application status, resource lists, monitoring dashboards, and logs.

Future articles will dive deeper into each feature set.

5. References

ACK Distro official site: https://www.aliyun.com/product/aliware/ackdistro

ACK Distro GitHub: https://github.com/AliyunContainerService/ackdistro

Sealer GitHub: https://github.com/alibaba/sealer

Hybridnet network plugin: https://github.com/alibaba/hybridnet

Open‑local storage plugin: https://github.com/alibaba/open-local

CNStack Community Edition GitHub: https://github.com/alibaba/CNStackCommunityEdition

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

Cloud NativeKubernetesContainer ServiceSealerCNStackACK Distro
Alibaba Cloud Native
Written by

Alibaba Cloud Native

We publish cloud-native tech news, curate in-depth content, host regular events and live streams, and share Alibaba product and user case studies. Join us to explore and share the cloud-native insights you need.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment