ALIYUN::CS::ManagedEdgeKubernetesCluster is used to create a managed edge Container Service for Kubernetes (ACK) cluster.
Syntax
{
"Type": "ALIYUN::CS::ManagedEdgeKubernetesCluster",
"Properties": {
"NumOfNodes": Number,
"Profile": String,
"VpcId": String,
"ServiceCidr": String,
"Name": String,
"Tags": List,
"ProxyMode": String,
"DisableRollback": Boolean,
"SnatEntry": Boolean,
"VSwitchIds": List,
"LoginPassword": String,
"WorkerSystemDiskSize": Number,
"KeyPair": String,
"Addons": List,
"WorkerDataDiskCategory": String,
"EndpointPublicAccess": Boolean,
"WorkerDataDisk": Boolean,
"WorkerSystemDiskCategory": String,
"WorkerDataDiskSize": Integer,
"TimeoutMins": Number,
"ClusterSpec": String,
"ContainerCidr": String,
"CloudMonitorFlags": Boolean,
"WorkerInstanceTypes": List
}
}Properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| NumOfNodes | Number | Yes | No | The number of worker nodes. | Valid values: 0 to 300. |
| Profile | String | No | No | The ID of the edge cluster. | Default value: Edge. |
| VpcId | String | No | No | The ID of the virtual private cloud (VPC). | If you do not specify this parameter, the system creates a VPC whose CIDR block is
192.168.0.0/16.
You must specify both the VpcId and VSwitchIds parameters or leave both parameters empty. |
| ServiceCidr | String | No | No | The CIDR block of the service. | The CIDR block of the service cannot overlap with that of the VPC or container. If the VPC is created by the system, the service CIDR block is set to 172.19.0.0/20 by default. |
| Name | String | Yes | No | The name of the cluster. | The name can contain letters, digits, and hyphens (-). It must start with a letter or digit. |
| Tags | List | No | No | The tags of the cluster. | A maximum of 20 tags can be specified.
For more information, see Tags properties. |
| Addons | List | No | No | The list of add-ons to be installed. | Valid values:
|
| ProxyMode | String | No | No | The kube-proxy mode. | Default value: iptables. Valid values:
|
| DisableRollback | Boolean | No | No | Specifies whether to disable rollback for the resource if the cluster fails to be created. | Default value: true. Valid values:
|
| SnatEntry | Boolean | No | No | Specifies whether to configure Source Network Address Translation (SNAT) rules for the network. | If you want to use an automatically created VPC, set this parameter to true.
If an existing VPC is specified, set this parameter based on whether the VPC has Internet access. |
| VSwitchIds | List | No | No | The list of vSwitch IDs. | One to three vSwitch IDs can be specified.
You must specify both the VpcId and VSwitchIds parameters or leave both parameters empty. |
| LoginPassword | String | No | No | The logon password. | The password must be 8 to 30 characters in length. It must contain at least three
of the following character types: uppercase letters, lowercase letters, digits, and
special characters. Special characters include ( ) ` ~ ! @ # $ % ^ & * - + = | { } [ ] : ; ' < > , . ? /
You must specify one of the LoginPassword and KeyPair parameters. |
| KeyPair | String | No | No | The name of the key pair. | You must specify one of the LoginPassword and KeyPair parameters. |
| EndpointPublicAccess | Boolean | No | No | Specifies whether to enable access to the API server over the Internet. | Default value: true. Valid values:
|
| WorkerSystemDiskSize | Number | No | No | The system disk size of the worker node. | Default value: 120
Unit: GiB. |
| WorkerSystemDiskCategory | String | No | No | The system disk category of the worker node. | Default value: cloud_efficiency. |
| WorkerDataDisk | Boolean | No | No | Specifies whether to attach a data disk to the worker node. | Default value: false. Valid values:
|
| WorkerDataDiskSize | Integer | No | No | The size of a data disk attached to the worker node. | None |
| WorkerDataDiskCategory | String | No | No | The type of the data disk. | None |
| TimeoutMins | Number | No | No | The timeout period for the system to create a cluster stack. | Default value: 60.
Unit: minutes. |
| ClusterSpec | String | No | No | The type of the managed cluster. | Default value: ack.standard. Valid values:
|
| ContainerCidr | String | No | No | The container CIDR block. | The CIDR block of the container cannot overlap with that of the VPC. If the VPC is created by the system, the container CIDR block is set to 172.16.0.0/16 by default. |
| CloudMonitorFlags | Boolean | No | No | Specifies whether to install the CloudMonitor agent. | Default value: false. Valid values:
|
| WorkerInstanceTypes | List | No | No | The instance types of worker nodes. | None |
Tags syntax
"Tags": [
{
"Key": String,
"Value": String
}
]Tags properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Key | String | Yes | No | The key of a tag. | The tag key must be 1 to 64 characters in length and cannot start with aliyun, acs:, https://, or http://.
|
| Value | String | No | No | The value of a tag. | The tag value must be 0 to 128 characters in length and cannot start with aliyun, acs:, http://, or https://.
|
Addons syntax
"Addons": [
{
"Disabled": Boolean,
"Config": String,
"Name": String
}
]Addons properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Disabled | Boolean | No | No | Specifies whether to disable automatic installation of the add-on. | Valid values:
|
| Config | String | No | No | The configurations of the add-on. | If this parameter is empty, no configuration is required. |
| Name | String | Yes | No | The name of the add-on. | None |
Response parameters
Fn::GetAtt
- ClusterId: the ID of the cluster.
- TaskId: the ID of the task. The task ID is assigned by the system and can be used to query the task status.
- WorkerRamRoleName: the RAM role name of the worker node.
Examples
JSON format
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"EndpointPublicAccess": {
"Type": "Boolean",
"Description": "Whether to enable the public network API Server:\ntrue: which means that the public network API Server is open.\nfalse: If set to false, the API server on the public network will not be created, only the API server on the private network will be created.Default to true.",
"AllowedValues": [
"True",
"true",
"False",
"false"
],
"Default": true
},
"ContainerCidr": {
"Type": "String",
"Description": "The container network segment cannot conflict with the VPC network segment. When the system is selected to automatically create a VPC, the network segment 172.16.0.0/16 is used by default.",
"Default": "172.16.0.0/16"
},
"KeyPair": {
"Type": "String",
"Description": "Key pair name. Specify one of KeyPair or LoginPassword."
},
"VSwitchIds": {
"Type": "CommaDelimitedList",
"Description": "The virtual switch ID of the worker node.",
"MinLength": 1,
"MaxLength": 5
},
"TimeoutMins": {
"Type": "Number",
"Description": "Cluster resource stack creation timeout, in minutes. The default value is 60.",
"Default": 60
},
"Addons": {
"Type": "Json",
"Description": "The add-ons to be installed for the cluster."
},
"ClusterSpec": {
"Type": "String",
"Description": "The edge managed cluster spec. Value:\nack.pro.small: Professional hosting cluster, namely: \"ACK Pro version cluster\".\nack.standard: Standard hosting cluster.\nDefault value: ack.standard. The value can be empty. When it is empty, a standard managed cluster will be created."
},
"WorkerSystemDiskCategory": {
"Type": "String",
"Description": "Worker node system disk type. \nDefault to cloud_efficiency.",
"Default": "cloud_efficiency"
},
"WorkerSystemDiskSize": {
"Type": "Number",
"Description": "Worker disk system disk size, the unit is GiB.\nDefault to 120.",
"MinValue": 1,
"Default": 120
},
"Profile": {
"Type": "String",
"Description": "Edge cluster ID. The default value is Edge.",
"Default": "Edge"
},
"Name": {
"Type": "String",
"Description": "The name of the cluster. The cluster name can use uppercase and lowercase letters, Chinese characters, numbers, and dashes."
},
"WorkerDataDisk": {
"Type": "Boolean",
"Description": "Whether to mount the data disk. The options are as follows:\ntrue: indicates that the worker node mounts data disks.\nfalse: indicates that the worker node does not mount data disks.\nDefault to false.",
"AllowedValues": [
"True",
"true",
"False",
"false"
],
"Default": false
},
"VpcId": {
"Type": "String",
"Description": "VPC ID. If not set, the system will automatically create a VPC, and the VPC network segment created by the system is 192.168.0.0/16. \nVpcId and VSwitchId can only be empty at the same time or set the corresponding values at the same time."
},
"WorkerDataDiskSize": {
"Type": "Number",
"Description": "Data disk size in GiB.",
"MinValue": 1
},
"CloudMonitorFlags": {
"Type": "Boolean",
"Description": "Whether to install the cloud monitoring plugin:\ntrue: indicates installation\nfalse: Do not install\nDefault to false",
"AllowedValues": [
"True",
"true",
"False",
"false"
],
"Default": false
},
"NumOfNodes": {
"Type": "Number",
"Description": "Number of worker nodes. The range is [0,300]",
"MinValue": 0,
"MaxValue": 300
},
"ServiceCidr": {
"Type": "String",
"Description": "The service network segment cannot conflict with the VPC network segment and the container network segment. When the system is selected to automatically create a VPC, the network segment 172.19.0.0/20 is used by default.",
"Default": "172.19.0.0/20"
},
"WorkerDataDiskCategory": {
"Type": "String",
"Description": "Data disk type."
},
"SnatEntry": {
"Type": "Boolean",
"Description": "Whether to configure SNAT for the network.\nWhen a VPC can access the public network environment, set it to false.\nWhen an existing VPC cannot access the public network environment:\nWhen set to True, SNAT is configured and the public network environment can be accessed at this time.\nIf set to false, it means that SNAT is not configured and the public network environment cannot be accessed at this time.\nDefault to true.",
"AllowedValues": [
"True",
"true",
"False",
"false"
],
"Default": true
},
"ProxyMode": {
"Type": "String",
"Description": "kube-proxy proxy mode, supports both iptables and ipvs modes. The default is iptables.",
"Default": "iptables"
},
"DisableRollback": {
"Type": "Boolean",
"Description": "Whether the failure was rolled back:\ntrue: indicates that it fails to roll back\nfalse: rollback failed\nThe default is true. If rollback fails, resources produced during the creation process will be released. False is not recommended.",
"AllowedValues": [
"True",
"true",
"False",
"false"
],
"Default": true
},
"Tags": {
"Type": "Json",
"Description": "Tag the cluster."
},
"WorkerInstanceTypes": {
"Type": "Json",
"Description": "Worker node ECS specification type code. For more details, see Instance Specification Family.",
"MinLength": 1,
"MaxLength": 10
},
"LoginPassword": {
"Type": "String",
"Description": "SSH login password. Password rules are 8-30 characters and contain three items (upper and lower case letters, numbers, and special symbols). Specify one of KeyPair or LoginPassword."
}
},
"Resources": {
"ManagedEdgeKubernetesCluster": {
"Type": "ALIYUN::CS::ManagedEdgeKubernetesCluster",
"Properties": {
"EndpointPublicAccess": {
"Ref": "EndpointPublicAccess"
},
"ContainerCidr": {
"Ref": "ContainerCidr"
},
"KeyPair": {
"Ref": "KeyPair"
},
"VSwitchIds": {
"Ref": "VSwitchIds"
},
"TimeoutMins": {
"Ref": "TimeoutMins"
},
"Addons": {
"Ref": "Addons"
},
"ClusterSpec": {
"Ref": "ClusterSpec"
},
"WorkerSystemDiskCategory": {
"Ref": "WorkerSystemDiskCategory"
},
"WorkerSystemDiskSize": {
"Ref": "WorkerSystemDiskSize"
},
"Profile": {
"Ref": "Profile"
},
"Name": {
"Ref": "Name"
},
"WorkerDataDisk": {
"Ref": "WorkerDataDisk"
},
"VpcId": {
"Ref": "VpcId"
},
"WorkerDataDiskSize": {
"Ref": "WorkerDataDiskSize"
},
"CloudMonitorFlags": {
"Ref": "CloudMonitorFlags"
},
"NumOfNodes": {
"Ref": "NumOfNodes"
},
"ServiceCidr": {
"Ref": "ServiceCidr"
},
"WorkerDataDiskCategory": {
"Ref": "WorkerDataDiskCategory"
},
"SnatEntry": {
"Ref": "SnatEntry"
},
"ProxyMode": {
"Ref": "ProxyMode"
},
"DisableRollback": {
"Ref": "DisableRollback"
},
"Tags": {
"Ref": "Tags"
},
"WorkerInstanceTypes": {
"Ref": "WorkerInstanceTypes"
},
"LoginPassword": {
"Ref": "LoginPassword"
}
}
}
},
"Outputs": {
"TaskId": {
"Description": "Task ID. Automatically assigned by the system, the user queries the task status.",
"Value": {
"Fn::GetAtt": [
"ManagedEdgeKubernetesCluster",
"TaskId"
]
}
},
"ClusterId": {
"Description": "Cluster instance ID.",
"Value": {
"Fn::GetAtt": [
"ManagedEdgeKubernetesCluster",
"ClusterId"
]
}
},
"WorkerRamRoleName": {
"Description": "Worker ram role name.",
"Value": {
"Fn::GetAtt": [
"ManagedEdgeKubernetesCluster",
"WorkerRamRoleName"
]
}
}
}
}YAML format
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
EndpointPublicAccess:
Type: Boolean
Description: >-
Whether to enable the public network API Server:
true: which means that the public network API Server is open.
false: If set to false, the API server on the public network will not be
created, only the API server on the private network will be
created.Default to true.
AllowedValues:
- 'True'
- 'true'
- 'False'
- 'false'
Default: true
ContainerCidr:
Type: String
Description: >-
The container network segment cannot conflict with the VPC network
segment. When the system is selected to automatically create a VPC, the
network segment 172.16.0.0/16 is used by default.
Default: 172.16.0.0/16
KeyPair:
Type: String
Description: Key pair name. Specify one of KeyPair or LoginPassword.
VSwitchIds:
Type: CommaDelimitedList
Description: The virtual switch ID of the worker node.
MinLength: 1
MaxLength: 5
TimeoutMins:
Type: Number
Description: >-
Cluster resource stack creation timeout, in minutes. The default value is
60.
Default: 60
Addons:
Type: Json
Description: The add-ons to be installed for the cluster.
ClusterSpec:
Type: String
Description: >-
The edge managed cluster spec. Value:
ack.pro.small: Professional hosting cluster, namely: "ACK Pro version
cluster".
ack.standard: Standard hosting cluster.
Default value: ack.standard. The value can be empty. When it is empty, a
standard managed cluster will be created.
WorkerSystemDiskCategory:
Type: String
Description: |-
Worker node system disk type.
Default to cloud_efficiency.
Default: cloud_efficiency
WorkerSystemDiskSize:
Type: Number
Description: |-
Worker disk system disk size, the unit is GiB.
Default to 120.
MinValue: 1
Default: 120
Profile:
Type: String
Description: Edge cluster ID. The default value is Edge.
Default: Edge
Name:
Type: String
Description: >-
The name of the cluster. The cluster name can use uppercase and lowercase
letters, Chinese characters, numbers, and dashes.
WorkerDataDisk:
Type: Boolean
Description: |-
Whether to mount the data disk. The options are as follows:
true: indicates that the worker node mounts data disks.
false: indicates that the worker node does not mount data disks.
Default to false.
AllowedValues:
- 'True'
- 'true'
- 'False'
- 'false'
Default: false
VpcId:
Type: String
Description: >-
VPC ID. If not set, the system will automatically create a VPC, and the
VPC network segment created by the system is 192.168.0.0/16.
VpcId and VSwitchId can only be empty at the same time or set the
corresponding values at the same time.
WorkerDataDiskSize:
Type: Number
Description: Data disk size in GiB.
MinValue: 1
CloudMonitorFlags:
Type: Boolean
Description: |-
Whether to install the cloud monitoring plugin:
true: indicates installation
false: Do not install
Default to false
AllowedValues:
- 'True'
- 'true'
- 'False'
- 'false'
Default: false
NumOfNodes:
Type: Number
Description: 'Number of worker nodes. The range is [0,300]'
MinValue: 0
MaxValue: 300
ServiceCidr:
Type: String
Description: >-
The service network segment cannot conflict with the VPC network segment
and the container network segment. When the system is selected to
automatically create a VPC, the network segment 172.19.0.0/20 is used by
default.
Default: 172.19.0.0/20
WorkerDataDiskCategory:
Type: String
Description: Data disk type.
SnatEntry:
Type: Boolean
Description: >-
Whether to configure SNAT for the network.
When a VPC can access the public network environment, set it to false.
When an existing VPC cannot access the public network environment:
When set to True, SNAT is configured and the public network environment
can be accessed at this time.
If set to false, it means that SNAT is not configured and the public
network environment cannot be accessed at this time.
Default to true.
AllowedValues:
- 'True'
- 'true'
- 'False'
- 'false'
Default: true
ProxyMode:
Type: String
Description: >-
kube-proxy proxy mode, supports both iptables and ipvs modes. The default
is iptables.
Default: iptables
DisableRollback:
Type: Boolean
Description: >-
Whether the failure was rolled back:
true: indicates that it fails to roll back
false: rollback failed
The default is true. If rollback fails, resources produced during the
creation process will be released. False is not recommended.
AllowedValues:
- 'True'
- 'true'
- 'False'
- 'false'
Default: true
Tags:
Type: Json
Description: Tag the cluster.
WorkerInstanceTypes:
Type: Json
Description: >-
Worker node ECS specification type code. For more details, see Instance
Specification Family.
MinLength: 1
MaxLength: 10
LoginPassword:
Type: String
Description: >-
SSH login password. Password rules are 8-30 characters and contain three
items (upper and lower case letters, numbers, and special symbols).
Specify one of KeyPair or LoginPassword.
Resources:
ManagedEdgeKubernetesCluster:
Type: 'ALIYUN::CS::ManagedEdgeKubernetesCluster'
Properties:
EndpointPublicAccess:
Ref: EndpointPublicAccess
ContainerCidr:
Ref: ContainerCidr
KeyPair:
Ref: KeyPair
VSwitchIds:
Ref: VSwitchIds
TimeoutMins:
Ref: TimeoutMins
Addons:
Ref: Addons
ClusterSpec:
Ref: ClusterSpec
WorkerSystemDiskCategory:
Ref: WorkerSystemDiskCategory
WorkerSystemDiskSize:
Ref: WorkerSystemDiskSize
Profile:
Ref: Profile
Name:
Ref: Name
WorkerDataDisk:
Ref: WorkerDataDisk
VpcId:
Ref: VpcId
WorkerDataDiskSize:
Ref: WorkerDataDiskSize
CloudMonitorFlags:
Ref: CloudMonitorFlags
NumOfNodes:
Ref: NumOfNodes
ServiceCidr:
Ref: ServiceCidr
WorkerDataDiskCategory:
Ref: WorkerDataDiskCategory
SnatEntry:
Ref: SnatEntry
ProxyMode:
Ref: ProxyMode
DisableRollback:
Ref: DisableRollback
Tags:
Ref: Tags
WorkerInstanceTypes:
Ref: WorkerInstanceTypes
LoginPassword:
Ref: LoginPassword
Outputs:
TaskId:
Description: >-
Task ID. Automatically assigned by the system, the user queries the task
status.
Value:
'Fn::GetAtt':
- ManagedEdgeKubernetesCluster
- TaskId
ClusterId:
Description: Cluster instance ID.
Value:
'Fn::GetAtt':
- ManagedEdgeKubernetesCluster
- ClusterId
WorkerRamRoleName:
Description: Worker ram role name.
Value:
'Fn::GetAtt':
- ManagedEdgeKubernetesCluster
- WorkerRamRoleNameFor more examples, visit ManagedEdgeKubernetesCluster.json and ManagedEdgeKubernetesCluster.yml.