ALIYUN::ECI::ContainerGroup is used to create a container group.
Syntax
{
"Type": "ALIYUN::ECI::ContainerGroup",
"Properties": {
"SecurityContextSysctl": List,
"Memory": Number,
"InitContainer": List,
"Cpu": "Number",
"EipInstanceId": String,
"ContainerGroupName": String,
"Container": List,
"ImageSnapshotId": String,
"DnsConfig": Map,
"AutoMatchImageCache": Boolean,
"Ipv6AddressCount": Integer,
"ImageRegistryCredential": List,
"SpotPriceLimit": Number,
"InstanceType": String,
"SpotStrategy": String,
"ActiveDeadlineSeconds": Integer,
"HostAliase": List,
"ZoneId": String,
"TerminationGracePeriodSeconds": Integer,
"VSwitchId": String,
"SecurityGroupId": String,
"SlsEnable": Boolean,
"RestartPolicy": String,
"RamRoleName": String,
"Volume": List,
"AcrRegistryInfo": List,
"Tag": List
}
}Properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| EipInstanceId | String | No | No | The instance ID of the elastic IP address (EIP). | None |
| Container | List | Yes | Yes | The containers in the container group. | For more information, see Container properties. |
| DnsConfig | Map | No | Yes | The Domain Name System (DNS) configurations. | For more information, see DnsConfig properties. |
| InitContainer | List | No | Yes | The list of initialized containers. | For more information, see InitContainer properties. |
| SecurityGroupId | String | Yes | No | The ID of the security group to which the instance belongs. | Instances within the same security group can access each other. |
| ContainerGroupName | String | Yes | No | The name of the container group. | None |
| ZoneId | String | No | No | The ID of the zone to which the instance belongs. | If this parameter is not specified, the system selects a zone. This parameter is empty by default. |
| Volume | List | No | Yes | The list of volumes. | A maximum of 20 volumes can be specified.
For more information, see Volume properties. |
| HostAliase | List | No | No | The mapping between hostnames and IP addresses for a container in the container group. | For more information, see HostAliase properties. |
| RestartPolicy | String | No | Yes | The policy for restarting the instance. | Default value: Always. Valid values:
|
| Tag | List | No | Yes | The tags of the container group in the key-value pair format. | A maximum of 20 tags can be specified for each container group. In a key-value pair,
both the key and the value are strings.
For more information, see Tag properties. |
| VSwitchId | String | Yes | No | The ID of the vSwitch. All elastic container instances are deployed in virtual private clouds (VPCs). | The number of IP addresses in the vSwitch CIDR block determines the maximum number of container groups that can be created in the vSwitch. Before you create an elastic container instance, plan the CIDR block of the vSwitch. |
| ImageRegistryCredential | List | No | Yes | The information for logging on to the container image repository. This information includes server addresses, usernames, and passwords. | For more information, see ImageRegistryCredential properties. |
| Memory | Number | No | Yes | The memory size. | None |
| SlsEnable | Boolean | No | No | Specifies whether to enable logging. | Default value: False. |
| SecurityContextSysctl | List | No | No | The security context of the container group. | For more information, see SecurityContext properties. |
| Cpu | Number | No | Yes | The number of vCPUs. | None |
| ImageSnapshotId | String | No | No | The cache ID of the image or the ID of the snapshot that is used to create the image. | None |
| SpotPriceLimit | Number | No | No | The maximum hourly price of the instance. | Three decimal places are allowed at most. This parameter takes effect only when the SpotStrategy parameter is set to SpotWithPriceLimit. |
| AutoMatchImageCache | Boolean | No | No | Specifies whether to automatically match the image cache. | None |
| SpotStrategy | String | No | No | The preemption policy for the instance. | Default value: NoSpot. Valid values:
|
| TerminationGracePeriodSeconds | Integer | No | No | The buffer time for the program to handle operations before it is stopped. | Unit: seconds. |
| ActiveDeadlineSeconds | Integer | No | No | The validity period of the container group. | Unit: seconds. |
| Ipv6AddressCount | Integer | No | No | The number of IPv6 addresses. | None |
| RamRoleName | String | No | No | The RAM role name of the instance. | Elastic container instances and Elastic Compute Service (ECS) instances share the same RAM role. |
| AcrRegistryInfo | List | No | No | The configuration information of the access credential for the Container Registry Enterprise Edition instance. | For more information, see AcrRegistryInfo properties. |
| InstanceType | String | No | No | The type of the instance. | None |
Container syntax
"Container": [
{
"EnvironmentVar": List,
"Tty": Boolean,
"SecurityContext": Map,
"Name": String,
"ImagePullPolicy": String,
"Image": String,
"Stdin": boolean,
"WorkingDir": String,
"LivenessProbe": Map,
"Cpu": Number,
"Command": List,
"Memory": Number,
"ReadinessProbe": Map,
"VolumeMount": List,
"Port": List,
"Arg": List,
"StdinOnce": Boolean
}
]Container properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| EnvironmentVar | List | No | No | The environment variables in the container. | Each container variable is stored as a key-value pair. Both the key and the value
are strings. The key specifies the name of a variable, and the value specifies the
value of a variable.
A maximum of 100 environment variables can be specified. For more information, see EnvironmentVar properties. |
| Tty | Boolean | No | No | Specifies whether to allocate a TeleTYpe (TTY) for the container. | Valid values:
|
| SecurityContext | Map | No | No | The security context of the container group. | Set the value to true. |
| Name | String | Yes | No | The name of the container. | None |
| ImagePullPolicy | String | No | No | The policy for pulling the image. | None |
| Image | String | Yes | No | The image of the container. | None |
| Stdin | Boolean | No | No | Specifies whether to allocate a buffer for standard input in the container runtime. | Valid values:
|
| WorkingDir | String | No | No | The working directory of the container. | None |
| LivenessProbe | Map | No | No | The liveness probe of the container. | For more information, see LivenessProbe properties. |
| Cpu | Number | No | No | The number of vCPUs assigned to the container. | None |
| Command | List | No | No | The list of commands to be sent to the container. | A maximum of one command can be specified. The command can be up to 256 characters in length. |
| Memory | Number | No | No | The memory assigned to the container. | Unit: GiB. |
| ReadinessProbe | Map | No | No | The readiness probe of the container. | For more information, see ReadinessProbe properties. |
| VolumeMount | List | No | No | The number of volumes that are mounted to the container. | A maximum of 16 volumes can be specified.
For more information, see VolumeMount properties. |
| Port | List | No | No | The enabled ports and protocols. | A maximum of 100 ports can be specified. Valid values:
For more information, see Port properties. |
| Arg | List | No | No | The arguments that are passed to the command. | The arguments must be of the String type. A maximum of 10 arguments can be specified. |
| StdinOnce | Boolean | No | No | Specifies whether to close the standard input stream after the client that is attached for the first time disconnects. | Valid values:
|
LivenessProbe syntax
"LivenessProbe": {
"TcpSocket.Port": Integer,
"HttpGet.Scheme": String,
"HttpGet.Port": Integer,
"FailureThreshold": Integer,
"InitialDelaySeconds": Integer,
"TimeoutSeconds": Integer,
"SuccessThreshold": Integer,
"Exec.Command": List,
"PeriodSeconds": Integer,
"HttpGet.Path": String
}LivenessProbe properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| TcpSocket.Port | Integer | No | No | The port to which the system sends a TCP socket request for a health check. | None |
| HttpGet.Scheme | String | No | No | The protocol that is used to connect to the host. | Valid values:
|
| HttpGet.Port | Integer | No | No | The port to which the system sends an HTTP GET request for a health check. | None |
| FailureThreshold | Integer | No | No | The minimum number of consecutive failures that must occur for the probe to be considered failed after the probe succeeds. | The failures must occur in a consecutive manner for this parameter to take effect.
Default value: 3. |
| InitialDelaySeconds | Integer | No | No | The time period after the container has started before probes are initiated. | Unit: seconds. |
| TimeoutSeconds | Integer | No | No | The duration after which the probe times out. Unit: seconds. | Minimum value: 1.
Default value: 1. |
| SuccessThreshold | Integer | No | No | The minimum number of consecutive successes that must occur for the probe to be considered successful after the probe fails. | Set the value to 1.
Default value: 1. |
| Exec.Command | List | No | No | The commands that are used to run the probe. | None |
| PeriodSeconds | Integer | No | No | The probe cycle. | Unit: seconds.
Minimum value: 1. Default value: 10. |
| HttpGet.Path | String | No | No | The path of an HTTP GET request to perform a health check. | None |
DnsConfig syntax
"DnsConfig": {
"NameServer": List,
"Search": List,
"Option": List
}DnsConfig properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| NameServer | List | No | No | The list of IP addresses of DNS servers. | None |
| Search | List | No | No | The list of DNS search domains. | None |
| Option | List | No | No | The list of options. | Each option consists of a name and a value. The value of each option is optional.
For more information, see Option properties. |
InitContainer syntax
"InitContainer": [
{
"EnvironmentVar": List,
"SecurityContext": Map,
"Name": String,
"Image": String,
"Arg": List,
"WorkingDir": String,
"Port": List,
"Command": List,
"Memory": Number,
"ImagePullPolicy": String,
"VolumeMount": List,
"Cpu": Number
}
]InitContainer properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| EnvironmentVar | List | No | No | The environment variables in the container. | Each container variable is stored as a key-value pair. Both the key and the value
are strings. The key specifies the name of a variable, and the value specifies the
value of a variable.
A maximum of 100 environment variables can be specified. Set the value to status.podIP. |
| SecurityContext | Map | No | No | The security context of the container group. | Set the value to true. |
| Name | String | No | No | The name of the container. | None |
| Image | String | No | No | The image of the container. | None |
| Arg | List | No | No | The arguments that are passed to the command. | The arguments must be of the String type. A maximum of 10 arguments can be specified. |
| WorkingDir | String | No | No | The working directory of the container. | None |
| Port | List | No | No | The enabled ports and protocols. | A maximum of 100 ports can be specified. Valid values:
|
| Command | List | No | No | The list of commands to be sent to the container. | A maximum of one command can be specified. The command can be up to 256 characters in length. |
| Memory | Number | No | No | The memory assigned to the container. | Unit: GB |
| ImagePullPolicy | String | No | No | The policy for pulling the image. | None |
| VolumeMount | List | No | No | The number of volumes that are mounted to the container. | A maximum of 16 volumes can be specified. |
| Cpu | Number | No | No | The number of vCPUs assigned to the container. | None |
Volume syntax
"Volume": [
{
"NFSVolume.Path": String,
"Name": String,
"EmptyDirVolume.Medium": String,
"NFSVolume.Server": String,
"NFSVolume.ReadOnly": Boolean,
"ConfigFileVolume.ConfigFileToPath": List,
"Type": String
}
]Volume properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| NFSVolume.Path | String | No | No | The path of the Network File System (NFS) volume. | None |
| Name | String | Yes | No | The name of the volume. | None |
| EmptyDirVolume.Medium | String | No | No | The storage medium for the emptyDir volume. | By default, the file system on the node is used.
Set the value to Memory. If you set this parameter to Memory, emptyDir volumes are stored in memory. |
| NFSVolume.Server | String | No | No | The IP address of the NFS server. | None |
| NFSVolume.ReadOnly | Boolean | No | No | Specifies whether the NFS volume is read-only. | Default value: false. |
| ConfigFileVolume.ConfigFileToPath | List | No | No | The paths to configuration files. | For more information, see ConfigFileVolume.ConfigFileToPath properties. |
| Type | String | Yes | No | The type of the volume. | Valid values:
|
HostAliase syntax
"HostAliase": [
{
"Ip": String,
"Hostname": List
}
]HostAliase properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Ip | String | No | No | The IP addresses. | None |
| Hostname | List | No | No | The hostnames. | None |
ImageRegistryCredential syntax
"ImageRegistryCredential": [
{
"UserName": String,
"Password": String,
"Server": String
}
]ImageRegistryCredential properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| UserName | String | Yes | No | The username that is used to log on to the container image repository. | None |
| Password | String | Yes | No | The password that is used to log on to the container image repository. | None |
| Server | String | Yes | No | The IP address of the container image repository. | This IP address does not contain the protocol prefix, such as http:// or https://.
|
EnvironmentVar syntax
"EnvironmentVar": {
"Key": String,
"Value": String,
"FieldRef.FieldPath": String
}EnvironmentVar properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Key | String | No | No | The name of the variable. | The name must be 1 to 128 characters in length and can contain letters, digits, and underscores (_). It cannot start with a digit. |
| Value | String | No | No | The value of the variable. | The value must be 0 to 256 characters in length. |
| FieldRef.FieldPath | String | No | No | The reference to another variable. | Only status.podIP is supported. |
SecurityContext syntax
"SecurityContext": {
"Capability.Add": List,
"RunAsUser": Interger,
"ReadOnlyRootFilesystem": Boolen
}SecurityContext properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Capability.Add | List | No | No | The capabilities that can be added to containers. | Set the value to NET_ADMIN. |
| RunAsUser | Integer | No | No | The ID of the user. | None |
| ReadOnlyRootFilesystem | Boolean | No | No | Specifies whether to mount the root file system in read-only mode. | Set the value to true. |
VolumeMount syntax
"VolumeMount": [
{
"Name": String,
"ReadOnly": Boolen,
"MountPath": String
}
]VolumeMount properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Name | String | No | No | The name of the volume. | The name is the same as the value specified for the Name parameter in the volume-related section. |
| ReadOnly | Boolean | No | No | Specifies whether to mount the volume in read-only mode. | Default value: false. |
| MountPath | String | No | No | The mount path of the volume. | The data in the destination directory is overwritten by the data in the mounted volume. |
Port syntax
"Port": [
{
"Port": Interger,
"Protocol": String
}
]Port properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Port | Integer | No | No | The port number. | Valid values: 1 to 65535. |
| Protocol | String | No | No | The protocol that the port uses. | Valid values:
|
ConfigFileVolume.ConfigFileToPath syntax
"onfigFileVolume.ConfigFileToPath": [
{
"Content": String,
"Path": String
}
]ConfigFileVolume.ConfigFileToPath properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Content | String | No | No | The content of the configuration file. | The maximum file size is 32 KB. |
| Path | String | Yes | No | The relative path in the configuration file. | You can specify the location of a directory relative to another directory. |
SecurityContextSysctl syntax
"SecurityContextSysctl": [
{
"Value": String,
"Name": String
}
] SecurityContextSysctl properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Value | String | No | No | The variable value of the security context in which the container group runs. | None |
| Name | String | No | No | The variable name of the security context in which the container group runs. | Valid values:
|
ReadinessProbe syntax
"ReadinessProbe": {
"TimeoutSeconds": Integer,
"InitialDelaySeconds": Integer,
"Exec.Command": List,
"PeriodSeconds": Integer,
"HttpGet.Port": Integer,
"TcpSocket.Port": Integer,
"FailureThreshold": Integer,
"HttpGet.Scheme": String,
"HttpGet.Path": String,
"SuccessThreshold": Integer
} ReadinessProbe properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| FailureThreshold | Integer | No | No | The minimum number of consecutive failures that must occur for the probe to be considered failed after the probe succeeds. | The failures must occur in a consecutive manner for this parameter to take effect.
Default value: 3. |
| HttpGet.Scheme | String | No | No | The GET request protocol. | Valid values:
|
| HttpGet.Path | String | No | No | The path to which the system sends an HTTP GET request for a health check. | None |
| Exec.Command | List | No | No | The commands for running the readiness probe in the container. | None |
| TcpSocket.Port | Integer | No | No | The port to which the system sends a TCP SOCKET request for a health check. | None |
| PeriodSeconds | Integer | No | No | The period during which the probe is performed. | Default value: 10.
Minimum value: 1. Unit: seconds. |
| TimeoutSeconds | Integer | No | No | The duration after which the probe times out. | Default value: 10.
Minimum value: 1. Unit: seconds. |
| InitialDelaySeconds | Integer | No | No | The number of seconds after the container has started before probes are initiated. | None |
| SuccessThreshold | Integer | No | No | The minimum number of consecutive successes that must occur for the probe to be considered successful after the probe fails. | The failures must occur in a consecutive manner for this parameter to take effect.
Default value: 1. |
| HttpGet.Port | Integer | No | No | The port to which the system sends an HTTP GET request for a health check. | None |
Option syntax
"Option": [
{
"Name": String,
"Value": String
}
] Option properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Name | String | No | No | The name of the object. | None |
| Value | String | No | No | The value of the object. | None |
Tag syntax
"Tag": [
{
"Key": String,
"Value": String
}
]Tag properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Key | String | Yes | No | The key of the tag. | None |
| Value | String | No | No | The value of the tag. | None |
AcrRegistryInfo syntax
"AcrRegistryInfo": [
{
"RegionId": String,
"InstanceName": String,
"Domain": List,
"InstanceId": String
}
]AcrRegistryInfo properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| RegionId | String | No | No | The region ID of the instance. The default value is the region where the instance resides. | None |
| InstanceName | String | No | No | The name of the instance. | None |
| Domain | List | No | No | The domain names of the instance. | The default value is all domain names of the instance. |
| InstanceId | String | Yes | No | The ID of the instance. | None |
Response parameters
Fn::GetAtt
- ContainerGroupId: the ID of the container group.
- ContainerGroupName: the name of the container group.
- SecurityGroupId: the ID of the security group.
- Ipv6Address: the IPv6 address.
- InternetIp: the public IP address.
- RegionId: the region ID of the instance.
- IntranetIp: the internal IP address.
- ZoneId: the ID of the zone.
- VSwitchId: the ID of the vSwitch.
- EniInstanceId: the ID of the elastic network interface (ENI).
Examples
JSON format
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"SecurityContextSysctl": {
"Type": "Json",
"Description": "ECI Sysctl is valid for every container in ECI.\nCurrently only two Sysctl keyNames are supported:\nKernel.shm_rmid_forced\nKernel.msgmax"
},
"Memory": {
"Type": "Number",
"Description": "memory size"
},
"InitContainer": {
"Type": "Json",
"Description": "The containers that constitute the container group for initializing."
},
"Cpu": {
"Type": "Number",
"Description": "CPU size"
},
"EipInstanceId": {
"Type": "String",
"Description": "Elastic IP ID"
},
"ContainerGroupName": {
"Type": "String",
"Description": "The name of the container group. \nThe length is [2,128] English lowercase letters, numbers or hyphens (-), cannot begin or end with a hyphens.",
"MinLength": 2,
"MaxLength": 128
},
"Container": {
"Type": "Json",
"Description": "The containers that constitute the container group."
},
"ImageSnapshotId": {
"Type": "String",
"Description": "Image cache ID or snapshot ID."
},
"RamRoleName": {
"Type": "String",
"Description": "The RAM role that the container group assumes. ECI and ECS share the same RAM role."
},
"DnsConfig": {
"Type": "Json",
"Description": "The information about DNS configurations."
},
"AutoMatchImageCache": {
"Type": "Boolean",
"Description": "Specifies whether to automatically match the image cache.",
"AllowedValues": [
"True",
"true",
"False",
"false"
]
},
"Ipv6AddressCount": {
"Type": "Number",
"Description": "The number of IPv6 addresses."
},
"ImageRegistryCredential": {
"Type": "Json",
"Description": "The information that you need to log on to the container image repository, including the server address, username, and password.",
"MaxLength": 10
},
"SpotPriceLimit": {
"Type": "Number",
"Description": "Set the hourly maximum price of the instance. It supports a maximum of 3 decimal places. It takes effect when the value of the parameter SpotStrategy is SpotWithPriceLimit."
},
"InstanceType": {
"Type": "String",
"Description": "The type of the ECS instance."
},
"SpotStrategy": {
"Type": "String",
"Description": "Instance preemption strategy.\nRanges:\nNoSpot (default): normal pay-as-you-go instances.\nSpotWithPriceLimit: Preemptive instance that sets a cap price.\nSpotAsPriceGo: The system automatically bids, following the current market actual price.",
"AllowedValues": [
"NoSpot",
"SpotWithPriceLimit",
"SpotAsPriceGo"
]
},
"ActiveDeadlineSeconds": {
"Type": "Number",
"Description": "The validity period in seconds."
},
"HostAliase": {
"Type": "Json",
"Description": "Customize the hostname mapping of a container inside the pod"
},
"ZoneId": {
"Type": "String",
"Description": "The ID of the zone in which the instance resides. If you leave the parameter blank, the system assigns a zone for you. The default value is blank."
},
"TerminationGracePeriodSeconds": {
"Type": "Number",
"Description": "The buffer time for the program to handle operations before it is stopped."
},
"VSwitchId": {
"Type": "String",
"Description": "The ID of the specified VSwitch. Currently, ECI instances can only be deployed in VPCs."
},
"SecurityGroupId": {
"Type": "String",
"Description": "The ID of the security group to which the instance belongs. Instances in the same security group can access one another."
},
"SlsEnable": {
"Type": "Boolean",
"Description": "Enable user log collection. The default is False.",
"AllowedValues": [
"True",
"true",
"False",
"false"
]
},
"RestartPolicy": {
"Type": "String",
"Description": "The policy for restarting the instance. Default value: Always.",
"AllowedValues": [
"Always",
"OnFailure",
"Never"
]
},
"Volume": {
"Type": "Json",
"Description": "The data volume. You can specify a maximum of 20 data volumes.",
"MaxLength": 20
},
"AcrRegistryInfo": {
"Type": "Json",
"Description": "Enterprise Edition access credential configuration information. "
},
"Tag": {
"Type": "Json",
"Description": "The list of container group tags in the form of key/value pairs. You can define a maximum of 20 tags for each container group.",
"MaxLength": 20
}
},
"Resources": {
"ContainerGroup": {
"Type": "ALIYUN::ECI::ContainerGroup",
"Properties": {
"SecurityContextSysctl": {
"Ref": "SecurityContextSysctl"
},
"Memory": {
"Ref": "Memory"
},
"InitContainer": {
"Ref": "InitContainer"
},
"Cpu": {
"Ref": "Cpu"
},
"EipInstanceId": {
"Ref": "EipInstanceId"
},
"ContainerGroupName": {
"Ref": "ContainerGroupName"
},
"Container": {
"Ref": "Container"
},
"ImageSnapshotId": {
"Ref": "ImageSnapshotId"
},
"RamRoleName": {
"Ref": "RamRoleName"
},
"DnsConfig": {
"Ref": "DnsConfig"
},
"AutoMatchImageCache": {
"Ref": "AutoMatchImageCache"
},
"Ipv6AddressCount": {
"Ref": "Ipv6AddressCount"
},
"ImageRegistryCredential": {
"Ref": "ImageRegistryCredential"
},
"SpotPriceLimit": {
"Ref": "SpotPriceLimit"
},
"InstanceType": {
"Ref": "InstanceType"
},
"SpotStrategy": {
"Ref": "SpotStrategy"
},
"ActiveDeadlineSeconds": {
"Ref": "ActiveDeadlineSeconds"
},
"HostAliase": {
"Ref": "HostAliase"
},
"ZoneId": {
"Ref": "ZoneId"
},
"TerminationGracePeriodSeconds": {
"Ref": "TerminationGracePeriodSeconds"
},
"VSwitchId": {
"Ref": "VSwitchId"
},
"SecurityGroupId": {
"Ref": "SecurityGroupId"
},
"SlsEnable": {
"Ref": "SlsEnable"
},
"RestartPolicy": {
"Ref": "RestartPolicy"
},
"Volume": {
"Ref": "Volume"
},
"AcrRegistryInfo": {
"Ref": "AcrRegistryInfo"
},
"Tag": {
"Ref": "Tag"
}
}
}
},
"Outputs": {
"InternetIp": {
"Description": "Internet IP.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"InternetIp"
]
}
},
"ZoneId": {
"Description": "The ID of the zone in which the instance resides. If you leave the parameter blank, the system assigns a zone for you. The default value is blank.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"ZoneId"
]
}
},
"SecurityGroupId": {
"Description": "The ID of the security group to which the instance belongs. Instances in the same security group can access one another.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"SecurityGroupId"
]
}
},
"VSwitchId": {
"Description": "The ID of the VSwitch. Currently, ECI instances can only be deployed in VPCs.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"VSwitchId"
]
}
},
"EniInstanceId": {
"Description": "ENI instance ID.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"EniInstanceId"
]
}
},
"ContainerGroupId": {
"Description": "The ID of the container group.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"ContainerGroupId"
]
}
},
"RegionId": {
"Description": "The ID of the region in which the instance resides.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"RegionId"
]
}
},
"ContainerGroupName": {
"Description": "The name of the container group.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"ContainerGroupName"
]
}
},
"IntranetIp": {
"Description": "Intranet IP.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"IntranetIp"
]
}
},
"Ipv6Address": {
"Description": "Ipv6 address.",
"Value": {
"Fn::GetAtt": [
"ContainerGroup",
"Ipv6Address"
]
}
}
}
} YAML format
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
SecurityContextSysctl:
Type: Json
Description: |-
ECI Sysctl is valid for every container in ECI.
Currently only two Sysctl keyNames are supported:
Kernel.shm_rmid_forced
Kernel.msgmax
Memory:
Type: Number
Description: memory size
InitContainer:
Type: Json
Description: The containers that constitute the container group for initializing.
Cpu:
Type: Number
Description: CPU size
EipInstanceId:
Type: String
Description: Elastic IP ID
ContainerGroupName:
Type: String
Description: >-
The name of the container group.
The length is [2,128] English lowercase letters, numbers or hyphens (-),
cannot begin or end with a hyphens.
MinLength: 2
MaxLength: 128
Container:
Type: Json
Description: The containers that constitute the container group.
ImageSnapshotId:
Type: String
Description: Image cache ID or snapshot ID.
DnsConfig:
Type: Json
Description: The information about DNS configurations.
AutoMatchImageCache:
Type: Boolean
Description: Specifies whether to automatically match the image cache.
AllowedValues:
- true
- false
Ipv6AddressCount:
Type: Number
Description: The number of IPv6 addresses.
ImageRegistryCredential:
Type: Json
Description: >-
The information that you need to log on to the container image repository,
including the server address, username, and password.
MaxLength: 10
SpotPriceLimit:
Type: Number
Description: >-
Set the hourly maximum price of the instance. It supports a maximum of 3
decimal places. It takes effect when the value of the parameter
SpotStrategy is SpotWithPriceLimit.
InstanceType:
Type: String
Description: The type of the ECS instance.
SpotStrategy:
Type: String
Description: >-
Instance preemption strategy.
Ranges:
NoSpot (default): normal pay-as-you-go instances.
SpotWithPriceLimit: Preemptive instance that sets a cap price.
SpotAsPriceGo: The system automatically bids, following the current market
actual price.
AllowedValues:
- NoSpot
- SpotWithPriceLimit
- SpotAsPriceGo
ActiveDeadlineSeconds:
Type: Number
Description: The validity period in seconds.
HostAliase:
Type: Json
Description: Customize the hostname mapping of a container inside the pod
ZoneId:
Type: String
Description: >-
The ID of the zone in which the instance resides. If you leave the
parameter blank, the system assigns a zone for you. The default value is
blank.
TerminationGracePeriodSeconds:
Type: Number
Description: The buffer time for the program to handle operations before it is stopped.
VSwitchId:
Type: String
Description: >-
The ID of the specified VSwitch. Currently, ECI instances can only be
deployed in VPCs.
SecurityGroupId:
Type: String
Description: >-
The ID of the security group to which the instance belongs. Instances in
the same security group can access one another.
SlsEnable:
Type: Boolean
Description: Enable user log collection. The default is False.
AllowedValues:
- true
- false
RestartPolicy:
Type: String
Description: 'The policy for restarting the instance. Default value: Always.'
AllowedValues:
- Always
- OnFailure
- Never
RamRoleName:
Type: String
Description: >-
The RAM role that the container group assumes. ECI and ECS share the same
RAM role.
Volume:
Type: Json
Description: The data volume. You can specify a maximum of 20 data volumes.
MaxLength: 20
Tag:
Type: Json
Description: >-
The list of container group tags in the form of key/value pairs. You can
define a maximum of 20 tags for each container group.
MaxLength: 20
Resources:
ContainerGroup:
Type: 'ALIYUN::ECI::ContainerGroup'
Properties:
SecurityContextSysctl:
Ref: SecurityContextSysctl
Memory:
Ref: Memory
InitContainer:
Ref: InitContainer
Cpu:
Ref: Cpu
EipInstanceId:
Ref: EipInstanceId
ContainerGroupName:
Ref: ContainerGroupName
Container:
Ref: Container
ImageSnapshotId:
Ref: ImageSnapshotId
DnsConfig:
Ref: DnsConfig
AutoMatchImageCache:
Ref: AutoMatchImageCache
Ipv6AddressCount:
Ref: Ipv6AddressCount
ImageRegistryCredential:
Ref: ImageRegistryCredential
SpotPriceLimit:
Ref: SpotPriceLimit
InstanceType:
Ref: InstanceType
SpotStrategy:
Ref: SpotStrategy
ActiveDeadlineSeconds:
Ref: ActiveDeadlineSeconds
HostAliase:
Ref: HostAliase
ZoneId:
Ref: ZoneId
TerminationGracePeriodSeconds:
Ref: TerminationGracePeriodSeconds
VSwitchId:
Ref: VSwitchId
SecurityGroupId:
Ref: SecurityGroupId
SlsEnable:
Ref: SlsEnable
RestartPolicy:
Ref: RestartPolicy
RamRoleName:
Ref: RamRoleName
Volume:
Ref: Volume
Tag:
Ref: Tag
Outputs:
InternetIp:
Description: Internet IP.
Value:
'Fn::GetAtt':
- ContainerGroup
- InternetIp
ZoneId:
Description: >-
The ID of the zone in which the instance resides. If you leave the
parameter blank, the system assigns a zone for you. The default value is
blank.
Value:
'Fn::GetAtt':
- ContainerGroup
- ZoneId
SecurityGroupId:
Description: >-
The ID of the security group to which the instance belongs. Instances in
the same security group can access one another.
Value:
'Fn::GetAtt':
- ContainerGroup
- SecurityGroupId
VSwitchId:
Description: >-
The ID of the VSwitch. Currently, ECI instances can only be deployed in
VPCs.
Value:
'Fn::GetAtt':
- ContainerGroup
- VSwitchId
EniInstanceId:
Description: ENI instance ID.
Value:
'Fn::GetAtt':
- ContainerGroup
- EniInstanceId
ContainerGroupId:
Description: The ID of the container group.
Value:
'Fn::GetAtt':
- ContainerGroup
- ContainerGroupId
RegionId:
Description: The ID of the region in which the instance resides.
Value:
'Fn::GetAtt':
- ContainerGroup
- RegionId
ContainerGroupName:
Description: The name of the container group.
Value:
'Fn::GetAtt':
- ContainerGroup
- ContainerGroupName
IntranetIp:
Description: Intranet IP.
Value:
'Fn::GetAtt':
- ContainerGroup
- IntranetIp
Ipv6Address:
Description: Ipv6 address.
Value:
'Fn::GetAtt':
- ContainerGroup
- Ipv6AddressFor more examples, visit ContainerGroup.json and ContainerGroup.yml.