You can call CreateCluster to create an Alibaba Cloud Container Service for Kubernetes (ACK) cluster that supports sandboxed containers.

Request information

Request line

POST /clusters HTTP/1.1

Custom request headers

None. For more information, see Public request headers.

Request body

{
  "name": "The cluster name.",
  "cluster_type": "The cluster type. Set the value to ManagedKubernetes.",
  "disable_rollback": "true",
  "timeout_mins": "60",
  "region_id": "The region where the cluster is deployed.",
  "snat_entry": "Specify whether to configure SNAT entries.",
  "cloud_monitor_flags": "Specify whether to install the CloudMonitor agent.",
  "public_slb": "Specify whether to make the cluster endpoint accessible over the Internet.",
  "worker_instance_type": "The instance type of worker nodes.",
  "num_of_nodes": "The number of worker nodes.",
  "vpcid": "vpc id",
  "vswitch_ids": "VSwitch IDs of worker nodes.",
  "service_cidr": "The service CIDR block.",
  "login_password":"The password for logging on to nodes. Set login_password or key_pair for authentication.",
  "key_pair":"The name of the SSH key pair. Set key_pair or login_password for authentication.",
  "worker_system_disk_category": "The system disk type of worker nodes.",
  "worker_system_disk_size": "The system disk size of worker nodes.",
  "worker_data_disk_category":"The data disk type of worker nodes.",
  "worker_data_disk_size":"The data disk size of worker nodes.",
  "worker_data_disk": "Specify whether to mount data disks. Valid values: true and false.",
  "worker_instance_charge_type":"The billing method of worker nodes. Valid values: PrePaid and PostPaid.",
  "worker_period_unit":"The unit of the subscription duration of worker nodes. Valid values: Month and Year. This parameter takes effect only when the worker_instance_charge_type parameter is set to PrePaid.",
  "worker_period":"The subscription duration of worker nodes. This parameter takes effect only when the worker_instance_charge_type parameter is set to PrePaid.",
  "worker_auto_renew":"Specify whether to automatically renew the subscription of worker nodes. Valid values: true and false.",
  "worker_auto_renew_period": "The renewal period of worker nodes.",
  "kubernetes_version": "The Kubernetes version.",
  "addons": [{"name":"terway-eniip"}],
  "runtime": {"name": "Sandboxed-Container.runv", "version":"1.0.0"},
  "pod_vswitch_ids": "The VSwitch ID of pods. For each VSwitch that is assigned to a node, you must set at least one VSwitch for pods in the same zone."
}
Table 1. Request body parameters
Parameter Type Required Description
addons list Yes The add-ons to the Kubernetes cluster.
  • Add-ons parameters:
    • name: required. The name of the add-on.
    • version: optional. If you do not specify this parameter, the latest version is used.
    • config: optional. If you do not specify this parameter, it indicates that this parameter is not required.
  • Network plug-in: select Flannel or Terway.
  • Log Service: optional.
    • If Log Service is not enabled, you cannot use the cluster auditing feature.
    • To enable Log Service, add {"name":"aliyun-log-controller"} to the add-on array.
cluster_type string Yes The cluster type. Set the value to ManagedKubernetes. Sandboxed containers support only managed ACK clusters.
key_pair string Yes The name of the SSH key pair. Select key_pair or login_password for authentication.
kubernetes_version string Yes The Kubernetes version. Sandboxed containers support only ACK 1.14.6-aliyun.1 and later.
login_password string Yes The password for logging on to nodes. The password must be 8 to 30 characters in length and contain three of the following four character types: uppercase letters, lowercase letters, digits, and special characters. Select login_password or key_pair for authentication.
name string Yes The cluster name. The name can contain letters, digits, and hyphens (-).
num_of_nodes int Yes The number of worker nodes. Valid values: 0 to 100.
pod_vswitch_ids list Yes The ID of the VSwitch used by the pods.
region_id string Yes The ID of the region where the cluster is deployed.
runtime json Yes
  • name: the container runtime. Set the value to Sandboxed-Container.runv.
  • version: the runtime version. Set the value to 1.0.0.
snat_entry bool Yes Specify whether to configure SNAT entries for the Virtual Private Cloud (VPC) network.
  • If the VPC network has Internet access, set the value to false.
  • If the VPC network does not have Internet access:
    • Set the value to true to configure SNAT entries. This enables the cluster to access the Internet.
    • Set the value to false. This indicates that no SNAT entries are configured and therefore the cluster cannot access the Internet.
vpcid string Yes The ID of the VPC network. If this parameter is not specified, the system automatically creates a VPC network with CIDR block 192.168.0.0/16.
Note: The vpcid and vswitch_ids parameters must be used together.
vswitch_ids list Yes The VSwitch IDs. The list can contain 1 to 3 VSwitch IDs.
worker_data_disk bool Yes Specify whether to mount data disks. For an ACK cluster that supports sandboxed containers, you must set the value to true.
worker_data_disk_size string Yes The data disk size. Unit: GiB. For an ACK cluster that supports sandboxed containers, you must specify a data disk of 200 GiB or larger.
worker_instance_type string Yes The type of instance that supports sandboxed containers. The ecs.ebmg5s.24xlarge and ecs.ebmc5s.24xlarge instance types are supported.
worker_system_disk_category string Yes The system disk type of worker nodes.
worker_system_disk_size int Yes The system disk size of worker nodes. Unit: GiB.
cloud_monitor_flags bool No Specify whether to install the CloudMonitor agent.
  • A value of true indicates yes.
  • A value of false indicates no.
disable_rollback bool No Specify whether to roll back when the operation fails.
  • A value of true indicates no.
  • A value of false indicates yes.
Default value: true. We recommend that you use the default value. If you set the value to false, the rollback releases resources created during the operation.
endpoint_public_access bool No Specify whether to allow public access to the API Server.
  • A value of true indicates that public access to the API Server is allowed. Default value: true.
  • A value of false indicates that public access to the API Server is forbidden. Only internal access to the API server is allowed.
service_cidr string No The Service CIDR block. This CIDR block must not overlap with that of the VPC network or containers. If the VPC network is automatically created by the system, the default Service CIDR block is 172.19.0.0/20.
tags list No The tags of the cluster.
  • key: the name of the tag.
  • value: the value of the tag.
timeout_mins int No The timeout period of resource stack creation. Unit: minutes. Default: 60.
worker_auto_renew bool No Specify whether to enable auto renewal for worker nodes.
  • A value of true indicates yes.
  • A value of false indicates no.
worker_auto_renew_period int No The renewal period. This parameter is required when the worker_instance_charge_type parameter is set to PrePaid and the worker_auto_renew parameter is set to true.
  • When you specify PeriodUnit=Week, valid values are 1, 2, and 3.
  • When you specify PeriodUnit=Month, valid values are 1, 2, 3, 6, and 12.
worker_data_disk_category string No The data disk type of worker nodes. This parameter takes effect only when the worker_data_disk parameter is set to true. Valid values:
  • cloud: basic disk.
  • cloud_efficiency: ultra disk.
  • cloud_ssd: SSD.
worker_instance_charge_type string No The billing method of worker nodes. Valid values:
  • PrePaid: the subscription billing method.
  • PostPaid: the pay-as-you-go billing method.
Default value: PostPaid.
worker_period int No The duration of the subscription. This parameter is required when the worker_instance_charge_type parameter is set to PrePaid.
  • When you specify PeriodUnit=Week, valid values are 1, 2, 3, and 4.
  • When you specify PeriodUnit=Month, valid values are 1, 2, 3, 4, 5, 6, 7, 8, 9, 12, 24, 36, 48, and 60.
worker_period_unit string No The unit of the subscription duration. This parameter is required when the worker_instance_charge_type parameter is set to PrePaid. Valid values:
  • Week. A value of Week indicates that the subscription duration is measured in weeks.
  • Month. A value of Month indicates that the subscription duration is measured in months.

Response information

Response line

HTTP/1.1 202 Accepted

Custom response headers

None. For more information, see Public response headers.

Table 2. Response body
Parameter Type Description
cluster_id string The ID of the cluster instance.
request_id string The ID of the request.
task_id string The ID of the task. The ID is system-assigned and can be used to query the task status.

Examples

Sample requests

POST /clusters HTTP/1.1
<Common request headers>
{
  "name": "test-sandbox", 
  "cluster_type": "ManagedKubernetes",
  "disable_rollback": true,
  "timeout_mins": 60,
  "region_id": "cn-hangzhou",
  "snat_entry": true,
  "cloud_monitor_flags": false,
  "endpoint_public_access": true,
  "worker_instance_type": "ecs.ebmg5s.24xlarge",
  "num_of_nodes": 2,
  "vpcid": "vpc-bp1iybm49v9jgb50xxxxx",
  "vswitch_ids": ["vsw-bp1ue9z93i9zpcblxxxxx"],
  "service_cidr": "192.168.0.0/16",
  "login_password": "xxxxxxxx",
  "worker_system_disk_category": "cloud_efficiency",
  "worker_system_disk_size": 200,
  "worker_data_disk_category": "cloud_efficiency",
  "worker_data_disk_size": 200,
  "worker_data_disk": true,
  "worker_instance_charge_type": "PostPaid",
  "kubernetes_version": "1.14.6-aliyun.1",
  "addons": [{"name":"terway-eniip"}],
  "runtime": {"name": "Sandboxed-Container.runv", "version": "1.0.0"},
  "pod_vswitch_ids":["vsw-bp18nj6xxfoc2ci2xxxxx"]
}
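
The constraints in Table 1, together with the settings that affect exposure (public API server access, password logon, missing audit logging), can be checked before the request is sent. The following Python check is an added example, not Alibaba Cloud code: the check_request function, its messages, and the choice of warnings are assumptions made here, and SAMPLE is a subset of the sample request above.

```python
import re

# Constraints below are the ones stated in Table 1 of this page.
INSTANCE_TYPES = {"ecs.ebmg5s.24xlarge", "ecs.ebmc5s.24xlarge"}
RUNTIME = {"name": "Sandboxed-Container.runv", "version": "1.0.0"}
CHAR_CLASSES = (r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]")

def check_request(body):
    """Return (errors, warnings) for a CreateCluster request body given as a dict."""
    errors, warnings = [], []
    if body.get("cluster_type") != "ManagedKubernetes":
        errors.append("cluster_type must be ManagedKubernetes")
    if body.get("runtime") != RUNTIME:
        errors.append("runtime must be Sandboxed-Container.runv 1.0.0")
    if body.get("worker_instance_type") not in INSTANCE_TYPES:
        errors.append("worker_instance_type does not support sandboxed containers")
    if not re.fullmatch(r"(?:[^\W_]|-)+", str(body.get("name", ""))):
        errors.append("name may contain only letters, digits, and hyphens")
    nodes = body.get("num_of_nodes")
    if not (isinstance(nodes, int) and 0 <= nodes <= 100):
        errors.append("num_of_nodes must be an integer from 0 to 100")
    if not 1 <= len(body.get("vswitch_ids") or []) <= 3:
        errors.append("vswitch_ids must list 1 to 3 VSwitch IDs")
    size = str(body.get("worker_data_disk_size", ""))
    if body.get("worker_data_disk") is not True or not size.isdigit() or int(size) < 200:
        errors.append("worker_data_disk must be true with a disk of 200 GiB or larger")
    password = body.get("login_password")
    if not password and not body.get("key_pair"):
        errors.append("set login_password or key_pair")
    if password:
        classes = sum(bool(re.search(c, password)) for c in CHAR_CLASSES)
        if not 8 <= len(password) <= 30 or classes < 3:
            errors.append("login_password fails the length or character-type rule")
        warnings.append("nodes accept password logon; key_pair is the alternative")
    # Review prompts (added judgment, not API requirements):
    if body.get("endpoint_public_access", True):  # Table 1: default value is true
        warnings.append("public access to the API Server is allowed")
    if not any(a.get("name") == "aliyun-log-controller" for a in body.get("addons", [])):
        warnings.append("Log Service add-on missing: cluster auditing unavailable")
    return errors, warnings

# Subset of the page's sample request, with the placeholder password as published.
SAMPLE = {
    "name": "test-sandbox", "cluster_type": "ManagedKubernetes", "num_of_nodes": 2,
    "worker_instance_type": "ecs.ebmg5s.24xlarge", "snat_entry": True,
    "endpoint_public_access": True, "vswitch_ids": ["vsw-bp1ue9z93i9zpcblxxxxx"],
    "login_password": "xxxxxxxx", "worker_data_disk": True, "worker_data_disk_size": 200,
    "addons": [{"name": "terway-eniip"}], "runtime": dict(RUNTIME),
}
```

Run on SAMPLE, the check reports one error, because the placeholder password xxxxxxxx contains a single character type, and three warnings.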

Response example

HTTP/1.1 202 Accepted
<Common response headers>
{
    "cluster_id": "cb95aa626a47740afbf6aa099b65****",
    "request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1",
    "task_id": "T-5a54309c80282e39ea00002f"
}