ALIYUN::ECI::ContainerGroup - Resource Types| Alibaba Cloud Documentation Center

Syntax

{
  "Type": "ALIYUN::ECI::ContainerGroup",
  "Properties": {
    "EipInstanceId": String,
    "Container": List,
    "DnsConfig": Map,
    "InitContainer": List,
    "SecurityGroupId": String,
    "ContainerGroupName": String,
    "ZoneId": String,
    "Volume": List,
    "HostAliase": List,
    "RestartPolicy": String,
    "Tag": List,
    "VSwitchId": String,
    "ImageRegistryCredential": List,
    "Memory": Number,
    "SlsEnable": Boolean,
    "SecurityContextSysctl": List,
    "Cpu": Number,
    "ImageSnapshotId": String
  }
}

Properties


Name	Type	Required	Editable	Description	Validity
EipInstanceId	String	No	No	The ID of the EIP.	None
Container	List	Yes	Yes	The containers in the container group.	None
DnsConfig	Map	No	Yes	The DNS configurations.	None
InitContainer	List	No	Yes	The list of initialized containers.	None
SecurityGroupId	String	Yes	No	The ID of the security group to which the instance belongs. Instances within the same security group can access one another.	None
ContainerGroupName	String	Yes	No	The name of the container group.	None
ZoneId	String	No	No	The ID of the zone where the instance resides.	If this parameter is not specified, the system will automatically select a zone. Default value: empty.
Volume	List	No	Yes	The list of volumes.	A maximum of 20 volumes can be specified.
HostAliase	List	No	No	The mapping of hostnames and IP addresses for a container in the pod.	None
RestartPolicy	String	No	Yes	The policy for restarting the instance.	Valid values: Always, OnFailure, and Never. Default value: Always.
Tag	List	No	Yes	The tags of the container group in the key-value pair format.	A maximum of 20 tags can be specified for each container group. In a key-value pair, both the key and value are strings.
VSwitchId	String	Yes	No	The ID of the VSwitch. All ECI instances are deployed in VPCs.	The number of IP addresses in the VSwitch CIDR block determines the maximum number of ECI instances that can be created in the VSwitch. Before you create an ECI instance, we recommend that you plan the CIDR block of the VSwitch.
ImageRegistryCredential	List	No	Yes	The information for logging on to the container image repository. This information includes server address, username, and password.	None
Memory	Number	No	Yes	The size of memory.	None
SlsEnable	Boolean	No	No	Specifies whether to enable logging.	Default value: false.
SecurityContextSysctl	List	No	No	The list of kernel parameters that you want to set using the sysctl command. The sysctl command is sent to each container in ECI.	You can use the sysctl command to set these kernel variables: kernel.shm_rmid_forced and kernel.msgmax.
Cpu	Number	No	Yes	The number of vCPUs.	None
ImageSnapshotId	String	No	No	The cache ID of the image or the ID of the snapshot that is used to create the image.	None

Container syntax

"Container": [
  {
    "EnvironmentVar": List,
    "Tty": Boolean,
    "SecurityContext": Map,
    "Name": String,
    "ImagePullPolicy": String,
    "Image": String,
    "Stdin": boolean,
    "WorkingDir": String,
    "LivenessProbe": Map,
    "Cpu": Number,
    "Command": List,
    "Memory": Number,
    "ReadinessProbe": Map,
    "VolumeMount": List,
    "Port": List,
    "Arg": List,
    "StdinOnce": Boolean
  }
]

Container properties


Name	Type	Required	Editable	Description	Validity
EnvironmentVar	List	No	No	The environment variables in the container. Each environment variable is stored as a key-value pair. Both the key and value are strings.	A maximum of 100 environment variables can be stored. The key specifies the name of a variable, and the value specifies the value of a variable.
Tty	Boolean	No	No	Specifies whether to assign a tty to the container.	Valid values: true and false. If this parameter is set to true, the Stdin parameter must be set to true.
SecurityContext	Map	No	No	The security context of the container group.	Set the value to true.
Name	String	Yes	No	The name of the container.	None
ImagePullPolicy	String	No	No	The policy for pulling an image.	None
Image	String	Yes	No	The image of the container.	None
Stdin	Boolean	No	No	Specifies whether to assign a buffer to the standard input while the container is running.	Valid values: true and false.
WorkingDir	String	No	No	The working directory for the container.	None
LivenessProbe	Map	No	No	The liveness probe of the container.	None
Cpu	Number	No	No	The number of vCPUs assigned to the container.	None
Command	List	No	No	The list of commands to be sent to the container.	Only one command can be specified. The command can be up to 256 characters in length.
Memory	Number	No	No	The memory assigned to the container.	Unit: GiB.
ReadinessProbe	Map	No	No	The readiness probe of the container.	None
VolumeMount	List	No	No	The number of volumes that are mounted to the container.	Maximum value: 16.
Port	List	No	No	The enabled ports and protocols used by the ports.	A maximum of 100 ports can be configured.
Arg	List	No	No	The arguments that are passed to the command.	This parameter must be of the STRING type. A maximum of 10 arguments can be specified.
StdinOnce	Boolean	No	No	Specifies whether to close the standard input channel that is opened by a single attach operation after the connection is disconnected.	Valid values: true and false.

LivenessProbe syntax

"LivenessProbe": {
  "TcpSocket.Port": Integer,
  "HttpGet.Scheme": String,
  "HttpGet.Port": Integer,
  "FailureThreshold": Integer,
  "InitialDelaySeconds": Integer,
  "TimeoutSeconds": Integer,
  "SuccessThreshold": Integer,
  "Exec.Command": List,
  "PeriodSeconds": Integer,
  "HttpGet.Path": String
}

LivenessProbe properties


Name	Type	Required	Editable	Description	Validity
TcpSocket.Port	Integer	No	No	The port to which the system sends a TCP socket request for health check.	None
HttpGet.Scheme	String	No	No	The protocol that is used to connect a server.	Valid values: HTTP and HTTPS.
HttpGet.Port	Integer	No	No	The port to which the system sends an HTTP GET request for health check.	None
FailureThreshold	Integer	No	No	The minimum number of consecutive failures that must occur for the probe to be considered failed after having succeeded.	Default value: 3.
InitialDelaySeconds	Integer	No	No	The time to wait before performing the first probe after the container is started.	Unit: seconds.
TimeoutSeconds	Integer	No	No	The time after which the probe times out.	Unit: seconds. Minimum value: 1. Default value: 1.
SuccessThreshold	Integer	No	No	The minimum number of consecutive successes that must occur for the probe to be considered successful after having failed.	Set the value to 1. Default value: 1.
Exec.Command	List	No	No	The commands that are used to run the probe.	None
PeriodSeconds	Integer	No	No	The probe cycle.	Unit: seconds. Minimum value: 1. Default value: 10.
HttpGet.Path	String	No	No	The path of an HTTP GET request to perform heath check.	None

DnsConfig syntax

"DnsConfig": {
  "NameServer": List,
  "Search": List,
  "Option": List
}

DnsConfig properties


Name	Type	Required	Editable	Description	Validity
NameServer	List	No	No	The list of IP addresses of DNS servers.	None
Search	List	No	No	The list of DNS search domains.	None
Option	List	No	No	The list of options. Each option consists of a name and a value.	The value of each option is optional.

InitContainer syntax

"InitContainer": [
  {
    "EnvironmentVar": List,
    "SecurityContext": Map,
    "Name": String,
    "Image": String,
    "Arg": List,
    "WorkingDir": String,
    "Port": List,
    "Command": List,
    "Memory": Number,
    "ImagePullPolicy": String,
    "VolumeMount": List,
    "Cpu": Number
  }
]

InitContainer properties


Name	Type	Required	Editable	Description	Validity
EnvironmentVar	List	No	No	The environment variables in the container. Each container variable is stored as a key-value pair. Both the key and value are strings. The key specifies the name of a variable, and the value specifies the value of a variable.	A maximum of 100 environment variables can be stored. Set the value to status.podIP.
SecurityContext	Map	No	No	The security context of the container group.	Set the value to true.
Name	String	No	No	The name of the container.	None
Image	String	No	No	The image of the container.	None
Arg	List	No	No	The arguments that are passed to the command.	This parameter must be of the STRING type. A maximum of 10 arguments can be specified.
WorkingDir	String	No	No	The working directory for the container.	None
Port	List	No	No	The enabled ports and protocols used by the ports.	A maximum of 100 ports can be configured.
Command	List	No	No	The list of commands to be sent to the container.	Only one command can be specified. The command can be up to 256 characters in length.
Memory	Number	No	No	The memory assigned to the container.	Unit: GiB.
ImagePullPolicy	String	No	No	The policy for pulling an image. You can use the policy to pull images from an image repository.	None
VolumeMount	List	No	No	The number of volumes that are mounted to the container.	Maximum value: 16.
Cpu	Number	No	No	The number of vCPUs assigned to the container.	None

Volume syntax

"Volume": [
  {
    "NFSVolume.Path": String,
    "Name": String,
    "EmptyDirVolume.Medium": String,
    "NFSVolume.Server": String,
    "NFSVolume.ReadOnly": Boolean,
    "ConfigFileVolume.ConfigFileToPath": List,
    "Type": String
  }
]

Volume properties


Name	Type	Required	Editable	Description	Validity
NFSVolume.Path	String	No	No	The path of the Network File System (NFS) volume.	None
Name	String	Yes	No	The name of the volume.	None
EmptyDirVolume.Medium	String	No	No	The storage medium for the emptyDir volume.	By default, the file system on the node is used. Set the value to Memory. If you set this parameter to Memory, emptyDir volumes are stored in memory.
NFSVolume.Server	String	No	No	The IP address of the NFS server.	None
NFSVolume.ReadOnly	Boolean	No	No	Specifies whether the NFS volume is read only.	Default value: false.
ConfigFileVolume.ConfigFileToPath	List	No	No	The paths to configuration files.	None
Type	String	Yes	No	The type of the volume.	Valid values: EmptyDirVolume, NFSVolume, and ConfigFileVolume.

HostAliase syntax

"HostAliase": [
  {
    "Ip": String,
    "Hostname": List
  }
]

HostAliase properties


Name	Type	Required	Editable	Description	Validity
Ip	String	No	No	The IP addresses.	None
Hostname	List	No	No	The hostnames.	None

ImageRegistryCredential syntax

"ImageRegistryCredential": [
  {
    "UserName": String,
    "Password": String,
    "Server": String
  }
]

ImageRegistryCredential properties


Name	Type	Required	Editable	Description	Validity
UserName	String	Yes	No	The username that is used to log on to the container image repository.	None
Password	String	Yes	No	The password that is used to log on to the container image repository.	None
Server	String	Yes	No	The IP address of the container image repository.	This IP address does not contain the protocol prefix, such as http:// or https://.

EnvironmentVar syntax

"EnvironmentVar": {
  "Key": String,
  "Value": String,
  "FieldRef.FieldPath": String
}

EnvironmentVar properties


Name	Type	Required	Editable	Description	Validity
Key	String	No	No	The name of the variable.	The name must be 1 to 128 characters in length and can contain digits, letters, and underscores (_). It cannot start with a digit.
Value	String	No	No	The value of the variable.	The value can be up to 256 characters in length.
FieldRef.FieldPath	String	No	No	The reference to another variable.	Only status.podIP is supported.

SecurityContext syntax

"SecurityContext": {
  "Capability.Add": List,
  "RunAsUser": Interger,
  "ReadOnlyRootFilesystem": Boolen
}

SecurityContext properties


Name	Type	Required	Editable	Description	Validity
Capability.Add	List	No	No	The capabilities that can be added to containers.	Set the value to NET_ADMIN.
RunAsUser	Integer	No	No	The ID of the user account.	None
ReadOnlyRootFilesystem	Boolean	No	No	Specifies whether to mount the root file system in the read-only mode.	Set the value to true.

VolumeMount syntax

"VolumeMount": [
  {
    "Name": String,
    "ReadOnly": Boolen,
    "MountPath": String
  }
]

VolumeMount properties


Name	Type	Required	Editable	Description	Validity
Name	String	No	No	The name of the volume. The name is the same as the value specified for the Name parameter in the Volume section.	None
ReadOnly	Boolean	No	No	Specifies whether to mount the volume in the read-only mode.	Default value: false.
MountPath	String	No	No	The mount path of the volume. The data in the target directory is overwritten by the data in the mounted volume.	None

Port syntax

"Port": [
  {
    "Port": Interger,
    "Protocol": String
  }
]

Port properties


Name	Type	Required	Editable	Description	Validity
Port	Integer	No	No	The port number.	Valid values: 1 to 65535.
Protocol	String	No	No	The protocol that the port uses.	Valid values: TCP and UDP.

ConfigFileVolume.ConfigFileToPath syntax

"onfigFileVolume.ConfigFileToPath": [
  {
    "Content": String,
    "Path": String
  }
]

ConfigFileVolume.ConfigFileToPath properties


Name	Type	Required	Editable	Description	Validity
Content	String	No	No	The content of the configuration file.	The size of the content can be up to 32 KB.
Path	String	No	No	The relative path in the configuration file. You can specify the location of a directory relative to another directory.	None

Response parameters

Fn::GetAtt

ContainerGroupId: the ID of the container group.
ContainerGroupName: the name of the container group.

Examples

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Resources": {
    "ContainerGroup": {
      "Type": "ALIYUN::ECI::ContainerGroup",
      "Properties": {
        "EipInstanceId": {
          "Ref": "EipInstanceId"
        },
        "Container": {
          "Ref": "Container"
        },
        "DnsConfig": {
          "Ref": "DnsConfig"
        },
        "InitContainer": {
          "Ref": "InitContainer"
        },
        "SecurityGroupId": {
          "Ref": "SecurityGroupId"
        },
        "ContainerGroupName": {
          "Ref": "ContainerGroupName"
        },
        "ZoneId": {
          "Ref": "ZoneId"
        },
        "Volume": {
          "Ref": "Volume"
        },
        "HostAliase": {
          "Ref": "HostAliase"
        },
        "RestartPolicy": {
          "Ref": "RestartPolicy"
        },
        "Tag": {
          "Ref": "Tag"
        },
        "VSwitchId": {
          "Ref": "VSwitchId"
        },
        "ImageRegistryCredential": {
          "Ref": "ImageRegistryCredential"
        },
        "Memory": {
          "Ref": "Memory"
        },
        "SlsEnable": {
          "Ref": "SlsEnable"
        },
        "SecurityContextSysctl": {
          "Ref": "SecurityContextSysctl"
        },
        "Cpu": {
          "Ref": "Cpu"
        }
      }
    }
  },
  "Parameters": {
    "EipInstanceId": {
      "Type": "String",
      "Description": "Elastic IP ID"
    },
    "Container": {
      "Type": "Json",
      "Description": "The containers that constitute the container group."
    },
    "DnsConfig": {
      "Type": "Json",
      "Description": "The information about DNS configurations."
    },
    "InitContainer": {
      "Type": "Json",
      "Description": "The containers that constitute the container group for initializing."
    },
    "SecurityGroupId": {
      "Type": "String",
      "Description": "The ID of the security group to which the instance belongs. Instances in the same security group can access one another."
    },
    "ContainerGroupName": {
      "Type": "String",
      "Description": "The name of the container group."
    },
    "ZoneId": {
      "Type": "String",
      "Description": "The ID of the zone in which the instance resides. If you leave the parameter blank, the system assigns a zone for you. The default value is blank."
    },
    "Volume": {
      "Type": "Json",
      "Description": "The data volume. You can specify a maximum of 20 data volumes.",
      "MaxLength": 20
    },
    "HostAliase": {
      "Type": "Json",
      "Description": "Customize the hostname mapping of a container inside the pod"
    },
    "RestartPolicy": {
      "Type": "String",
      "Description": "The policy for restarting the instance. Default value: Always.",
      "AllowedValues": [
        "Always",
        "OnFailure",
        "Never"
      ]
    },
    "Tag": {
      "Type": "Json",
      "Description": "The list of container group tags in the form of key/value pairs. You can define a maximum of 20 tags for each container group.",
      "MaxLength": 20
    },
    "VSwitchId": {
      "Type": "String",
      "Description": "The ID of the specified VSwitch. Currently, ECI instances can only be deployed in VPCs."
    },
    "ImageRegistryCredential": {
      "Type": "Json",
      "Description": "The information that you need to log on to the container image repository, including the server address, username, and password.",
      "MaxLength": 10
    },
    "Memory": {
      "Type": "Number",
      "Description": "memory size"
    },
    "SlsEnable": {
      "Type": "Boolean",
      "Description": "Enable user log collection. The default is False.",
      "AllowedValues": [
        "True",
        "true",
        "False",
        "false"
      ]
    },
    "SecurityContextSysctl": {
      "Type": "Json",
      "Description": "ECI Sysctl is valid for every container in ECI.\nCurrently only two Sysctl keyNames are supported:\nKernel.shm_rmid_forced\nKernel.msgmax"
    },
    "Cpu": {
      "Type": "Number",
      "Description": "CPU size"
    }
  },
  "Outputs": {
    "ContainerGroupId": {
      "Description": "The ID of the container group.",
      "Value": {
        "Fn::GetAtt": [
          "ContainerGroup",
          "ContainerGroupId"
        ]
      }
    },
    "ContainerGroupName": {
      "Description": "The name of the container group.",
      "Value": {
        "Fn::GetAtt": [
          "ContainerGroup",
          "ContainerGroupName"
        ]
      }
    }
  }
}