ALIYUN::CS::ManagedEdgeKubernetesCluster is used to create a managed edge Kubernetes instance.
Syntax
{
"Type": "ALIYUN::CS::ManagedEdgeKubernetesCluster",
"Properties": {
"NumOfNodes": Number,
"Profile": String,
"VpcId": String,
"ServiceCidr": String,
"Name": String,
"Tags": List,
"ProxyMode": String,
"DisableRollback": Boolean,
"SnatEntry": Boolean,
"VSwitchIds": List,
"LoginPassword": String,
"WorkerSystemDiskSize": Number,
"KeyPair": String,
"WorkerDataDiskCategory": String,
"EndpointPublicAccess": Boolean,
"WorkerDataDisk": Boolean,
"WorkerSystemDiskCategory": String,
"WorkerDataDiskSize": Integer,
"TimeoutMins": Number,
"ContainerCidr": String,
"CloudMonitorFlags": Boolean
}
}Properties
| Parameter | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| NumOfNodes | Number | Yes | Not supported | Worker Nodes | Value range: 0-300 |
| Profile | String | No | Released | Edge Cluster identity | None |
| VpcId | String | No | Released | The ID of the VPC. If this parameter is not specified, the system automatically creates a VPC. The CIDR block of the VPC is 192.168.0.0/16. | The values of VpcId and VSwitchIds must be both specified or specified at the same time. |
| ServiceCidr | String | No | Released | Service CIDR | The error message returned because the specified IP address does not conflict with the CIDR block of the VPC and the CIDR block of the container. If you select automatically create VPC, the CIDR block 172.19.0.0/20 is used by default. |
| Name | String | Yes | Not supported | Cluster Name | It must start with a letter or digit and can contain uppercase letters, lowercase letters, Chinese character, digits, and hyphens (-). |
| Tags | List | Erased | Released | Tags | Up to 20 labels can be set. |
| ProxyMode | String | No | Released | Kube-proxy Mode | Valid values:
|
| DisableRollback | Boolean | Erased | Released | Whether to roll back when the operation fails |
|
| SnatEntry | Boolean | Erased | Released | Configure SNAT for the network |
|
| VSwitchIds | List | Yes | Not supported | VSwitch ID | Value range: 1-3
The values of VpcId and VSwitchIds must be both specified or specified at the same time. |
| LoginPassword | String | No | Released | Logon Password |
Only one parameter can be specified for both LoginPassword and KeyPair. |
| KeyPair | String | No | Released | The AccessKey pair name. | Only one parameter can be specified for both LoginPassword and KeyPair. |
| EndpointPublicAccess | Boolean | Erased | Released | Whether create an API Server through the public network |
Valid values:
Note
In the edge cluster scenario, the edge nodes interact with the cloud through the public
network, so the edge cluster needs to be created the public network API Server.
|
| WorkerSystemDiskSize | Number | Erased | Released | The system disk size of worker nodes. | Default value: 120.
Unit: GB |
| WorkerSystemDiskCategory | String | No | Released | The system disk type of worker nodes. | Default value: cloud_efficiency |
| WorkerDataDisk | Boolean | Erased | Released | Worker Node data disk attached | Valid values:
|
| WorkerDataDiskSize | Integer | Erased | Released | The data disk size of Worker nodes. | None |
| WorkerDataDiskCategory | String | No | Released | The type of the data disk. | None |
| TimeoutMins | Number | Erased | Released | Creation timeout | Default value: 60.
Unit: minutes |
| ContainerCidr | String | No | Released | CIDR block of the container | It cannot conflict with a VPC. If you select automatically create VPC, the CIDR block 172.16.0.0/16 is used by default. |
| CloudMonitorFlags | Boolean | Erased | Released | Whether to install the CloudMonitor agent. | Valid values:
|
Tags syntax
"Tags": [
{
"Key": String,
"Value": String
}
]Tags properties
| Parameter | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Key | String | Yes | Not supported | The tag key. | It must be 1 to 64 characters in length, and cannot start with aliyun, acs:, https:// or http:// the beginning.
|
| Value | String | No | Released | The value of the new tag. | It must be 0 to 128 characters in length and cannot start with aliyun, acs:, https:// or http:// the beginning.
|
Return value
Fn::GetAtt
- ClusterId: The ID of the cluster.
- TaskId: The ID of the task. It is automatically allocated by the system to query the task status.
Examples
JSON format
{
"ROSTemplateFormatVersion": "2015-09-01",
"Resources": {
"ManagedEdgeKubernetesCluster": {
"Type": "ALIYUN::CS::ManagedEdgeKubernetesCluster",
"Properties": {
"NumOfNodes": {
"Ref": "NumOfNodes"
},
"Profile": {
"Ref": "Profile"
},
"VpcId": {
"Ref": "VpcId"
},
"ServiceCidr": {
"Ref": "ServiceCidr"
},
"Name": {
"Ref": "Name"
},
"Tags": {
"Ref": "Tags"
},
"ProxyMode": {
"Ref": "ProxyMode"
},
"WorkerDataDisk": {
"Ref": "WorkerDataDisk"
},
"SnatEntry": {
"Ref": "SnatEntry"
},
"VSwitchIds": {
"Fn::Split": [
",",
{
"Ref": "VSwitchIds"
}
]
},
"TimeoutMins": {
"Ref": "TimeoutMins"
},
"WorkerSystemDiskSize": {
"Ref": "WorkerSystemDiskSize"
},
"KeyPair": {
"Ref": "KeyPair"
},
"WorkerDataDiskCategory": {
"Ref": "WorkerDataDiskCategory"
},
"EndpointPublicAccess": {
"Ref": "EndpointPublicAccess"
},
"DisableRollback": {
"Ref": "DisableRollback"
},
"WorkerSystemDiskCategory": {
"Ref": "WorkerSystemDiskCategory"
},
"WorkerDataDiskSize": {
"Ref": "WorkerDataDiskSize"
},
"LoginPassword": {
"Ref": "LoginPassword"
},
"ContainerCidr": {
"Ref": "ContainerCidr"
},
"CloudMonitorFlags": {
"Ref": "CloudMonitorFlags"
}
}
}
},
"Parameters": {
"NumOfNodes": {
"Type": "Number",
"Description": "Number of worker nodes. The range is [0,300]",
"MaxValue": 300,
"MinValue": 0
},
"Profile": {
"Default": "Edge",
"Type": "String",
"Description": "Edge cluster ID. The default value is Edge."
},
"VpcId": {
"Type": "String",
"Description": "VPC ID. If not set, the system will automatically create a VPC, and the VPC network segment created by the system is 192.168.0.0/16. \nVpcId and VSwitchId can only be empty at the same time or set the corresponding values at the same time."
},
"ServiceCidr": {
"Default": "172.19.0.0/20",
"Type": "String",
"Description": "The service network segment cannot conflict with the VPC network segment and the container network segment. When the system is selected to automatically create a VPC, the network segment 172.19.0.0/20 is used by default."
},
"Name": {
"Type": "String",
"Description": "The name of the cluster. The cluster name can use uppercase and lowercase letters, Chinese characters, numbers, and dashes."
},
"Tags": {
"Type": "Json",
"Description": "Tag the cluster."
},
"ProxyMode": {
"Default": "iptables",
"Type": "String",
"Description": "kube-proxy proxy mode, supports both iptables and IPVS modes. The default is iptables.",
"AllowedValues": [
"iptables",
"IPVS"
]
},
"WorkerDataDisk": {
"Default": false,
"Type": "Boolean",
"Description": "Whether to mount the data disk. The options are as follows:\ntrue: indicates that the worker node mounts data disks.\nfalse: indicates that the worker node does not mount data disks.\nDefault to false.",
"AllowedValues": [
true,
false
]
},
"SnatEntry": {
"Default": true,
"Type": "Boolean",
"Description": "Whether to configure SNAT for the network.\nWhen a VPC can access the public network environment, set it to false.\nWhen an existing VPC cannot access the public network environment:\nWhen set to True, SNAT is configured and the public network environment can be accessed at this time.\nIf set to false, it means that SNAT is not configured and the public network environment cannot be accessed at this time.\nDefault to true.",
"AllowedValues": [
true,
false
]
},
"VSwitchIds": {
"MinLength": 1,
"Type": "CommaDelimitedList",
"Description": "The virtual switch ID of the worker node.",
"MaxLength": 5
},
"TimeoutMins": {
"Default": 60,
"Type": "Number",
"Description": "Cluster resource stack creation timeout, in minutes. The default value is 60."
},
"WorkerSystemDiskSize": {
"Default": 120,
"Type": "Number",
"Description": "Worker disk system disk size, the unit is GiB.\nDefault to 120.",
"MinValue": 1
},
"KeyPair": {
"Type": "String",
"Description": "Key pair name. Specify one of KeyPair or LoginPassword."
},
"WorkerDataDiskCategory": {
"Type": "String",
"Description": "Data disk type."
},
"EndpointPublicAccess": {
"Default": false,
"Type": "Boolean",
"Description": "Whether to enable the public network API Server:\ntrue: The default is True, which means that the public network API Server is open.\nfalse: If set to false, the API server on the public network will not be created, only the API server on the private network will be created.Default to false.",
"AllowedValues": [
true,
false
]
},
"DisableRollback": {
"Default": true,
"Type": "Boolean",
"Description": "Whether the failure was rolled back:\ntrue: indicates that it fails to roll back\nfalse: rollback failed\nThe default is true. If rollback fails, resources produced during the creation process will be released. False is not recommended.",
"AllowedValues": [
true,
false
]
},
"WorkerSystemDiskCategory": {
"Default": "cloud_efficiency",
"Type": "String",
"Description": "Worker node system disk type. \nDefault to cloud_efficiency."
},
"WorkerDataDiskSize": {
"Type": "Number",
"Description": "Data disk size in GiB.",
"MinValue": 1
},
"LoginPassword": {
"Type": "String",
"Description": "SSH login password. Password rules are 8-30 characters and contain three items (upper and lower case letters, numbers, and special symbols). Specify one of KeyPair or LoginPassword."
},
"ContainerCidr": {
"Default": "172.16.0.0/16",
"Type": "String",
"Description": "The container network segment cannot conflict with the VPC network segment. When the system is selected to automatically create a VPC, the network segment 172.16.0.0/16 is used by default."
},
"CloudMonitorFlags": {
"Default": false,
"Type": "Boolean",
"Description": "Whether to install the cloud monitoring plugin:\ntrue: indicates installation\nfalse: Do not install\nDefault to false",
"AllowedValues": [
true,
false
]
}
},
"Outputs": {
"ClusterId": {
"Description": "Cluster instance ID.",
"Value": {
"Fn::GetAtt": [
"ManagedEdgeKubernetesCluster",
"ClusterId"
]
}
},
"TaskId": {
"Description": "Task ID. Automatically assigned by the system, the user queries the task status.",
"Value": {
"Fn::GetAtt": [
"ManagedEdgeKubernetesCluster",
"TaskId"
]
}
}
}
}YAML format
ROSTemplateFormatVersion: '2015-09-01'
Resources:
ManagedEdgeKubernetesCluster:
Type: 'ALIYUN::CS::ManagedEdgeKubernetesCluster'
Properties:
NumOfNodes:
Ref: NumOfNodes
Profile:
Ref: Profile
VpcId:
Ref: VpcId
ServiceCidr:
Ref: ServiceCidr
Name:
Ref: Name
Tags:
Ref: Tags
ProxyMode:
Ref: ProxyMode
WorkerDataDisk:
Ref: WorkerDataDisk
SnatEntry:
Ref: SnatEntry
VSwitchIds:
'Fn::Split':
-','
-Ref: VSwitchIds
TimeoutMins:
Ref: TimeoutMins
WorkerSystemDiskSize:
Ref: WorkerSystemDiskSize
KeyPair:
Ref: KeyPair
WorkerDataDiskCategory:
Ref: WorkerDataDiskCategory
EndpointPublicAccess:
Ref: EndpointPublicAccess
DisableRollback:
Ref: DisableRollback
WorkerSystemDiskCategory:
Ref: WorkerSystemDiskCategory
WorkerDataDiskSize:
Ref: WorkerDataDiskSize
LoginPassword:
Ref: LoginPassword
ContainerCidr:
Ref: ContainerCidr
CloudMonitorFlags:
Ref: CloudMonitorFlags
Parameters:
NumOfNodes:
Type: Number
Description: 'Number of worker nodes. The range is [0,300]'
MaxValue: 300
MinValue: 0
Profile:
Default: Edge
Type: String
Description: Edge cluster ID. The default value is Edge.
VpcId:
Type: String
Description: >-
VPC ID. If not set, the system will automatically create a VPC, and the
VPC network segment created by the system is 192.168.0.0/16.
VpcId and VSwitchId can only be empty at the same time or set the
corresponding values at the same time.
ServiceCidr:
Default: 172.19.0.0/20
Type: String
Description: >-
The service network segment cannot conflict with the VPC network segment
and the container network segment. When the system is selected to
automatically create a VPC, the network segment 172.19.0.0/20 is used by
default.
Name:
Type: String
Description: >-
The name of the cluster. The cluster name can use uppercase and lowercase
letters, Chinese characters, numbers, and dashes.
Tags:
Type: Json
Description: Tag the cluster.
ProxyMode:
Default: iptables
Type: String
Description: >-
kube-proxy proxy mode, supports both iptables and IPVS modes. The default
is iptables.
AllowedValues:
-iptables
-IPVS
WorkerDataDisk:
Default: false
Type: Boolean
Description: |-
Whether to mount the data disk. The options are as follows:
true: indicates that the worker node mounts data disks.
false: indicates that the worker node does not mount data disks.
Default to false.
AllowedValues:
- true
- false
SnatEntry:
Default: true
Type: Boolean
Description: >-
Whether to configure SNAT for the network.
When a VPC can access the public network environment, set it to false.
When an existing VPC cannot access the public network environment:
When set to True and SNAT is configured and the public network environment
can be accessed at this time.
If set to false and it means that SNAT is not configured and the public
network environment cannot be accessed at this time.
Default to true.
AllowedValues:
- true
- false
VSwitchIds:
MinLength: 1
Type: CommaDelimitedList
Description: The virtual switch ID of the worker node.
MaxLength: 5
TimeoutMins:
Default: 60
Type: Number
Description: >-
Cluster resource stack creation timeout, in minutes. The default value is
60.
WorkerSystemDiskSize:
Default: 120
Type: Number
Description: |-
Worker disk system disk size, the unit is GiB.
Default to 120.
MinValue: 1
KeyPair:
Type: String
Description: Key pair name. Specify one of KeyPair or LoginPassword.
WorkerDataDiskCategory:
Type: String
Description: Data disk type.
EndpointPublicAccess:
Default: false
Type: Boolean
Description: >-
Whether to enable the public network API Server:
true: The default is True, which means that the public network API Server
is open.
false: If set to false, the API server on the public network will not be
created, only the API server on the private network will be
created.Default to false.
AllowedValues:
- true
- false
DisableRollback:
Default: true
Type: Boolean
Description: >-
Whether the failure was rolled back:
true: indicates that it fails to roll back
false: rollback failed
The default is true. If rollback fails and resources produced during the
creation process will be released. False is not recommended.
AllowedValues:
- true
- false
WorkerSystemDiskCategory:
Default: cloud_efficiency
Type: String
Description: |-
Worker node system disk type.
Default to cloud_efficiency.
WorkerDataDiskSize:
Type: Number
Description: Data disk size in GiB.
MinValue: 1
LoginPassword:
Type: String
Description: >-
SSH login password. Password rules are 8-30 characters and contain three
items (upper and lower case letters, numbers, and special symbols).
Specify one of KeyPair or LoginPassword.
ContainerCidr:
Default: 172.16.0.0/16
Type: String
Description: >-
The container network segment cannot conflict with the VPC network
segment. When the system is selected to automatically create a VPC, the
network segment 172.16.0.0/16 is used by default.
CloudMonitorFlags:
Default: false
Type: Boolean
Description: |-
Whether to install the cloud monitoring plugin:
true: indicates installation
false: Do not install
Default to false
AllowedValues:
- true
- false
Outputs:
ClusterId:
Description: Cluster instance ID.
Value:
'Fn::GetAtt':
-ManagedEdgeKubernetesCluster
- ClusterId
TaskId:
Description: >-
Task ID. Automatically assigned by the system and the user queries the task
status.
Value:
'Fn::GetAtt':
-ManagedEdgeKubernetesCluster
-TaskId