You can call the CreateCluster operation to create a dedicated Kubernetes cluster that supports sandboxed containers.
Debugging
Request syntax
POST /clusters HTTP/1.1
Content-Type:application/json
{
"addons" : [ {
"name" : "String",
"config" : "String",
"disabled" : Boolean
} ],
"cloud_monitor_flags" : Boolean,
"cluster_type" : "String",
"container_cidr" : "String",
"cpu_policy" : "String",
"deletion_protection" : Boolean,
"disable_rollback" : Boolean,
"endpoint_public_access" : Boolean,
"is_enterprise_security_group" : Boolean,
"key_pair" : "String",
"kubernetes_version" : "String",
"login_password" : "String",
"master_auto_renew" : Boolean,
"master_auto_renew_period" : Long,
"master_count" : Long,
"master_vswitch_ids" : [ "String" ],
"master_instance_types" : [ "String" ],
"master_system_disk_category" : "String",
"master_system_disk_size" : Long,
"master_system_disk_snapshot_policy_id" : "String",
"master_instance_charge_type" : "String",
"master_period_unit" : "String",
"master_period" : Long,
"name" : "String",
"node_cidr_mask" : "String",
"node_port_range" : "String",
"num_of_nodes" : Long,
"pod_vswitch_ids" : [ "String" ],
"proxy_mode" : "String",
"region_id" : "String",
"runtime" : {
"name" : "String",
"version" : "String"
},
"service_cidr" : "String",
"security_group_id" : "String",
"snat_entry" : Boolean,
"ssh_flags" : Boolean,
"tags" : [ {
"key" : "String",
"value" : "String"
} ],
"taints" : [ {
"key" : "String",
"value" : "String",
"effect" : "String"
} ],
"timeout_mins" : Long,
"user_data" : "String",
"vpcid" : "String",
"vswitch_ids" : [ "String" ],
"worker_auto_renew" : Boolean,
"worker_auto_renew_period" : Long,
"worker_data_disks" : [ {
"category" : "String",
"size" : Long,
"encrypted" : "String",
"auto_snapshot_policy_id" : "String"
} ],
"worker_vswitch_ids" : [ "String" ],
"worker_instance_types" : [ "String" ],
"worker_system_disk_category" : "String",
"worker_system_disk_size" : Long,
"worker_instance_charge_type" : "String",
"worker_period_unit" : "String",
"worker_period" : Long,
"zone_id" : "String"
}
Request parameters
Parameter | Type | Required | Example | Description |
addons | Array | Yes | [{"name": "terway-eniip","config": ""}, {"name": "logtail-ds","config": "{\"IngressDashboardEnabled\":\"true\",\"sls_project_name\":\"your_sls_project_name\"}"}, {"name":"nginx-ingress-controller","config":"{\"IngressSlbNetworkType\":\"internet\"}"}] | The list of add-ons to be installed.
|
cloud_monitor_flags | Boolean | No | true | Specifies whether to install the CloudMonitor agent. Valid values:
Default value: |
cluster_type | String | Yes | Kubernetes | The type of cluster. Set the value to |
container_cidr | String | No | 172.20.0.0/16 | The CIDR block of pods. This CIDR block cannot overlap with the CIDR block of the virtual private cloud (VPC) in which the cluster is deployed. If the VPC is automatically created by the system, the CIDR block of pods is set to 172.16.0.0/16 by default. This parameter is required if the cluster uses the Flannel plug-in. |
cpu_policy | String | No | none | The CPU policy. The following policies are supported if the Kubernetes version of the cluster is 1.12.6 or later.
Default value: |
deletion_protection | Boolean | No | true | Specifies whether to enable deletion protection for the cluster. After deletion protection is enabled, the cluster cannot be deleted in the Container Service for Kubernetes (ACK) console or by calling API operations. Valid values:
Default value: |
disable_rollback | Boolean | No | true | Specifies whether to perform a rollback when the cluster fails to be created. Valid values:
Default value: |
endpoint_public_access | Boolean | No | true | Specifies whether to enable Internet access for the API server. Valid values:
Default value: |
is_enterprise_security_group | Boolean | No | true | Specifies whether to create an advanced security group. This parameter takes effect only if
Default value: |
key_pair | String | Yes | security-key | The name of the key pair. You must set this parameter or the |
kubernetes_version | String | No | 1.16.9-aliyun.1 | The Kubernetes version of the cluster. The Kubernetes versions provided by ACK are consistent with the open source Kubernetes versions. We recommend that you select the latest Kubernetes version. If you do not set this parameter, the latest Kubernetes version is used. You can create clusters of the latest two Kubernetes versions in the ACK console. You can create ACK clusters of earlier Kubernetes versions by calling API operations. For more information about the Kubernetes versions supported by ACK, see Overview of Kubernetes versions supported by ACK. |
login_password | String | Yes | Hello@1234 | The password for Secure Shell (SSH) logon. You must set this parameter or the |
master_auto_renew | Boolean | No | true | Specifies whether to enable auto-renewal for master nodes. This parameter takes effect only if
Default value: |
master_auto_renew_period | Long | No | 1 | The cycle of auto-renewal. This parameter takes effect and is required only if the subscription billing method is selected for master nodes. Valid values: 1, 2, 3, 6, and 12. Default value: 1. |
master_count | Long | No | 3 | The number of master nodes that you want to create. Valid values: 3 and 5. Default value: 3 |
master_instance_charge_type | String | No | PrePaid | The billing method of master nodes. Valid values:
The default value is |
master_instance_types | Array of String | No | ["ecs.n4.xlarge"] | The instance types of master nodes. The number of specified instance types for master nodes must be the same as that specified in |
master_period | Long | No | 1 | The subscription duration of master nodes. This parameter takes effect and is required only if Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60. Default value: 1. |
master_period_unit | String | No | Month | The billing cycle of master nodes. This parameter is required if master_instance_charge_type is set to Set the value to |
master_system_disk_category | String | No | cloud_ssd | The type of system disk that is specified for master nodes. Valid values:
Default value: |
master_system_disk_size | Long | No | 120 | The size of the system disk that is specified for master nodes. Valid values: 40 to 500. Unit: GiB. Default value: 120. |
master_system_disk_performance_level | String | No | PL1 | The performance level (PL) of the system disk that you want to use for master nodes. This parameter takes effect only for enhanced SSDs. You can specify a higher PL if you increase the size of the system disk. For more information, see ESSDs. |
master_vswitch_ids | Array of String | No | ["vsw-2ze3ds0mdip0hdz8i****"] | The IDs of the vSwitches that are specified for master nodes. |
name | String | Yes | cluster-demo | The name of the cluster. The name must be 1 to 63 characters in length, and can contain digits, letters, and hyphens (-). It cannot start with a hyphen (-). |
node_cidr_mask | String | No | 25 | The maximum number of IP addresses that can be assigned to each node. This number is determined by the specified pod CIDR block. This parameter takes effect only if the cluster uses the Flannel plug-in. Default value: 25. |
node_port_range | String | No | 30000~32767 | The node port range. Valid values: 30000 to 65535. |
num_of_nodes | Long | Yes | 3 | The number of worker nodes that you want to create. Valid values: 0 to 100. |
pod_vswitch_ids | Array of String | No | ["vsw-2ze97jwri7cei0mpw****"] | The list of pod vSwitches. Note The For each vSwitch that is allocated to nodes, you must specify at least one pod vSwitch in the same zone. The pod vSwitches cannot be the same as the node |
proxy_mode | String | No | ipvs | The kube-proxy mode. Valid values: Default value: |
region_id | String | Yes | cn-beijing | The ID of the region where you want to deploy the cluster. |
runtime | Yes | {"name": "Sandboxed-Container.runv", "version": "2.2.0"} | The container runtime. Valid values:
Important Set the value to The version of the container runtime. By default, the latest version is used. For more information about the release notes on Sandboxed-Container, see Release notes of Sandboxed-Container. | |
security_group_id | String | No | sg-bp1bdue0qc1g7k**** | The ID of the existing security group that is specified for the cluster. You must set this parameter or the |
service_cidr | String | Yes | 172.21.0.0/20 | The CIDR block of Services. This CIDR block cannot overlap with the CIDR block of pods or the CIDR block of the VPC in which the cluster is deployed. If the VPC is automatically created by the system, the CIDR block of Services is set to 172.19.0.0/20 by default. |
snat_entry | Boolean | No | true | Specifies whether to configure SNAT rules for the VPC in which your cluster is deployed.
If your applications deployed in the cluster need to access the Internet, we recommend that you set the value to Default value: |
ssh_flags | Boolean | No | true | Specifies whether to enable SSH logon over the Internet. Valid values:
Default value: |
tags | Array | No | The labels that you want to add to the cluster. | |
key | String | No | env | The key of the label. |
value | String | No | prod | The value of the label. |
taints | Array | No | The taints that you want to add to nodes. Taints are added to nodes to prevent pods from being scheduled to inappropriate nodes. However, toleration rules allow pods to be scheduled to nodes with matching taints. For more information, see taint-and-toleration. | |
effect | String | No | NoSchedule | The scheduling policy. Valid values:
|
key | String | No | disk_type | The key of the taint. |
value | String | No | sshd | The value of the taint. |
timeout_mins | Long | No | 60 | The timeout period of cluster creation. Unit: minutes. Default value: 60. |
user_data | String | No | IyEvdXNyL2Jpbi9iYXNoCmVjaG8gIkhlbGxvIEFD**** | The user-defined data. For more information, see Instance user data. |
vpcid | String | Yes | vpc-2zeik9h3ahvv2zz95**** | The ID of the VPC where you want to deploy the cluster. |
vswitch_ids | Array of String | Yes | ["vsw-2ze48rkq464rsdts1****"] | The IDs of vSwitches. |
worker_auto_renew | Boolean | No | true | Specifies whether to enable auto-renewal for worker nodes. This parameter takes effect only if
Default value: |
worker_auto_renew_period | Long | No | 1 | The cycle of auto-renewal. This parameter takes effect and is required only if the subscription billing method is selected for worker nodes. Valid values: 1, 2, 3, 6, and 12. |
worker_data_disks | Array | Yes | The configuration of the data disk that is mounted to worker nodes. The configuration includes disk type and disk size. | |
auto_snapshot_policy_id | String | No | sp-bp14j6w7ss6ozz**** | The ID of the automatic snapshot policy. |
category | String | No | cloud_ssd | The type of data disk that is mounted to worker nodes. Valid values:
Default value: |
encrypted | String | No | false | Specifies whether to encrypt a data disk. Valid values:
Default value: |
size | String | Yes | 200 | The size of the data disk. Unit: GiB. Valid values:
Note You must mount at least one data disk to nodes that run sandboxed containers. The data disk must be at least 200 GiB in size. |
worker_instance_charge_type | String | Yes | PrePaid | The billing method of worker nodes. Valid values:
Default value: PostPaid. |
worker_instance_types | Array of String | Yes | ["ecs.ebmg5s.24xlarge"] | The instance types of worker nodes. Important To create a cluster that supports sandboxed containers, you must select ECS Bare Metal instances. |
worker_period | Long | No | 1 | The subscription duration of worker nodes. This parameter takes effect and is required only if Default value: 1. |
worker_period_unit | String | No | Month | The billing cycle of worker nodes. This parameter is required if worker_instance_charge_type is set to |
worker_system_disk_category | String | No | cloud_efficiency | The type of system disk that is specified for the worker nodes. Valid values:
Default value: |
worker_system_disk_size | Long | No | 200 | The size of the system disk that is specified for worker nodes. Unit: GiB. Valid values: 40 to 500. The value of this parameter must be at least 40 and no less than the image size. Default value: |
worker_vswitch_ids | Array of String | No | ["vsw-2ze3ds0mdip0hdz8i****"] | The list of vSwitches that are specified for nodes. Each node is allocated a vSwitch. |
zone_id | String | No | cn-beijing-b | The ID of the zone to which the cluster belongs. |
resource_group_id | String | No | rg-acfm3mkrure**** | The ID of the resource group to which the cluster belongs. You can use this parameter to isolate different clusters. |
Response syntax
HTTP/1.1 200
Content-Type:application/json
{
"cluster_id" : "String",
"request_id" : "String",
"task_id" : "String"
}
Response parameters
Parameter | Type | Example | Description |
cluster_id | String | cb95aa626a47740afbf6aa099b650**** | The ID of the ACK cluster. |
request_id | String | 687C5BAA-D103-4993-884B-C35E4314A1E1 | The ID of the request. |
task_id | String | T-5a54309c80282e39ea00002f | The ID of the task. |
Example 1: Create a dedicated Kubernetes cluster that supports sandboxed containers and uses the Flannel plug-in
Sample requests
POST /clusters
Common request headers
{
"cluster_type": "Kubernetes",
"name": "webService",
"region_id": "cn-hangzhou",
"disable_rollback": true,
"timeout_mins": 60,
"kubernetes_version": "1.18.8-aliyun.1",
"snat_entry": true,
"endpoint_public_access": false,
"cloud_monitor_flags": true,
"deletion_protection": false,
"node_cidr_mask": "26",
"proxy_mode": "ipvs",
"timezone": "Asia/Shanghai",
"tags": [],
"addons": [{
"name": "flannel"
}, {
"name": "arms-prometheus"
}, {
"name": "csi-plugin"
}, {
"name": "csi-provisioner"
}, {
"name": "logtail-ds",
"config": "{\"IngressDashboardEnabled\":\"true\"}"
}, {
"name": "ack-node-problem-detector",
"config": "{\"sls_project_name\":\"\"}"
}, {
"name": "nginx-ingress-controller",
"config": "{\"IngressSlbNetworkType\":\"internet\"}"
}],
"node_port_range": "30000-32767",
"login_password": "Hello1234!",
"cpu_policy": "none",
"master_count": 3,
"master_vswitch_ids": ["vsw-bp1hl2o4i9z7sbmy*****", "vsw-bp1hl2o4i9z7sbmy*****", "vsw-bp1hl2o4i9z7sbmy*****"],
"master_instance_types": ["ecs.c6e.large", "ecs.c6e.large", "ecs.c6e.large"],
"master_system_disk_category": "cloud_essd",
"master_system_disk_size": 120,
"runtime": {
"name": "Sandboxed-Container.runv",
"version": "2.1.0"
},
"worker_instance_types": ["ecs.ebmc5s.24xlarge"],
"num_of_nodes": 1,
"worker_system_disk_category": "cloud_essd",
"worker_system_disk_size": 120,
"worker_data_disks": [{
"category": "cloud_efficiency",
"size": "200",
"encrypted": "false",
"auto_snapshot_policy_id": ""
}],
"vpcid": "vpc-bp1gxh70jnkl12vq*****",
"worker_vswitch_ids": ["vsw-bp1hl2o4i9z7sbmy*****"],
"is_enterprise_security_group": true,
"container_cidr": "172.23.0.0/16",
"service_cidr": "172.21.0.0/20"
}
Sample success responses
XML
format
<cluster_id>cb95aa626a47740afbf6aa099b650****</cluster_id>
<task_id>T-5a54309c80282e39ea00002f</task_id>
<request_id>687C5BAA-D103-4993-884B-C35E4314A1E1</request_id>
JSON
format
{
"cluster_id": "cb95aa626a47740afbf6aa099b650****",
"task_id": "T-5a54309c80282e39ea00002f",
"request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1"
}
Example 2: Create a dedicated Kubernetes cluster that supports sandboxed containers and uses the Terway plug-in
pod_vswitch_ids
is required if you create a cluster that uses the Terway plug-in.
Sample requests
POST /clusters HTTP/1.1
Common request headers
{
"cluster_type":"Kubernetes",
"name":"webService-terway",
"region_id":"cn-beijing",
"disable_rollback":true,
"timeout_mins":60,
"kubernetes_version":"1.14.8-aliyun.1",
"snat_entry":true,
"endpoint_public_access":true,
"ssh_flags":true,"cloud_monitor_flags":true,
"deletion_protection":false,
"proxy_mode":"ipvs",
"tags":[],
"addons":[{"name":"terway-eni"},{"name":"flexvolume"},{"name":"alicloud-disk-controller"},{"name":"logtail-ds","config":"{\"IngressDashboardEnabled\":\"false\"}"},{"name":"ack-node-problem-detector","config":"{\"sls_project_name\":\"\"}"},{"name":"nginx-ingress-controller","config":"{\"IngressSlbNetworkType\":\"internet\"}"}],
"os_type":"Linux",
"platform":"CentOS",
"node_port_range":"30000-32767",
"pod_vswitch_ids":["vsw-2zete8s4qocqg0mf6****"],
"key_pair":"sian-sshkey",
"cpu_policy":"none",
"master_count":3,
"master_vswitch_ids":["vsw-2zed90q9inwtuyfzd****","vsw-2zed90q9inwtuyfzd****","vsw-2zed90q9inwtuyfzd****"],
"master_instance_types":["ecs.i1.4xlarge","ecs.i1.4xlarge","ecs.i1.4xlarge"],
"master_system_disk_category":"cloud_ssd",
"master_system_disk_size":120,
"runtime":{"name":"docker","version":"18.09.2"},
"worker_instance_types":["ecs.i1.4xlarge"],
"num_of_nodes":1,
"worker_system_disk_category":"cloud_efficiency",
"worker_system_disk_size":120,
"vpcid":"vpc-2zecuu62b9zw7a7qnn2tv",
"worker_vswitch_ids":["vsw-2zed90q9inwtuyfzd****"],
"is_enterprise_security_group":true,
"service_cidr":"172.21.0.0/20"
}
Sample success responses
XML
format
<cluster_id>cb95aa626a47740afbf6aa099b650****</cluster_id>
<task_id>T-5a54309c80282e39ea00002f</task_id>
<request_id>687C5BAA-D103-4993-884B-C35E4314A1E1</request_id>
JSON
format
{
"cluster_id": "cb95aa626a47740afbf6aa099b650****",
"task_id": "T-5a54309c80282e39ea00002f",
"request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1"
}
Error codes
For a list of error codes, visit the API Error Center.