Use Terraform to associate a deployment set with a node pool

Deployment sets are used to manage the distribution of Elastic Compute Service (ECS) instances. ECS instances in a deployment set are distributed across multiple physical servers for high redundancy. This improves the availability of your applications and implements disaster recovery. A node pool that is associated with a deployment set contains ECS nodes that are distributed across multiple physical servers. You can configure pod affinity to deploy your application pods to different ECS nodes. This way, disaster recovery is implemented and the availability of your applications is improved. This topic describes how to use Terraform to associate a deployment set with a node pool.

Prerequisites

Terraform is installed. For more information, see Install and configure Terraform on your on-premises machine.
Auto Scaling is activated and the default role for Auto Scaling is assigned to your account before you enable auto scaling for nodes. For more information, see Activate Auto Scaling.
A deployment set is created. For more information, see Create a deployment set.
The ECS quota of the deployment set is sufficient and sufficient ECS instances of the specified instance types are available. By default, each deployment set can contain up to 20 ECS instances in each zone. For more information, see View and increase resource quotas.
Your account information is configured.
You can specify identity information in environment variables.
```
export ALICLOUD_ACCESS_KEY="************"   # Replace the value with the AccessKey ID of your Alibaba Cloud account. 
export ALICLOUD_SECRET_KEY="************"   # Replace the value with the AccessKey secret of your Alibaba Cloud account. 
export ALICLOUD_REGION="cn-beijing"         # Replace the value with the ID of the region in which your cluster resides. 
```
Note
To improve the flexibility and security of permission management, we recommend that you create a Resource Access Management (RAM) user named Terraform. Then, create an AccessKey pair for the RAM user and grant permissions to the RAM user. For more information, see Create a RAM user and Grant permissions to RAM users.

Background information

To ensure the high availability of your application in a zone, you must deploy your application across multiple hosts. However, when a physical server is down, all application pods are affected. To resolve this issue, you can use deployment sets that are provided by ECS. The ECS instances that are contained in a deployment set are distributed across multiple physical servers and are isolated from each other. This helps prevent service disruptions that are caused by single points of failure. For more information, see Overview.

Limits

You can associate only one deployment set with each node pool and you cannot change the deployment sets that are associated with node pools.
You cannot manually add ECS instances to or remove ECS instances from deployment sets. If you want to change the number of ECS instances in a deployment set, you can scale the node pool with which the deployment set is associated. For more information, see Create a node pool.
After you associate a deployment set with a node pool, the node pool does not support preemptible instances or dedicated hosts.
When you add ECS instances to a deployment set, you can create up to 20 ECS instances in each zone. This limit varies based on the usage of your ECS instances. You can use the following formula to calculate the maximum number of ECS instances that you can create in a region: 20 × Number of zones in the region. The number of zones in a region varies based on the vSwitches that you select for the node pool. You cannot manually increase the quota of ECS instances in the quota center. To request a quota increase, submit an application in Quota Center.

Instances of the following instance families can be created in deployment sets:

Note

Some instance families support only specific deployment set strategies. You can call the DescribeDeploymentSetSupportedInstanceTypeFamily operation to query the instance families that support different deployment strategies.

Deployment strategy

Instance family that supports the strategy

High availability strategy and high availability group strategy

g8y, g7se, g7a, g7, g7t, g7ne, g6, g6e, g6a, g6h, g5, g5ne, sn2ne, sn2, and sn1
c8y, c7se, c7, c7t, c7a, c6, c6a, c6e, c5, ic5, and sn1ne
r8y, r7, r7se, r7t, r7a, r6, r6e, r6a, re6, re6p, r5, re4, se1ne, and se1
hfc7, hfg7, hfr7, hfc6, hfg6, hfr6, hfc5, and hfg5
d3c, d2s, d2c, d1, d1ne, d1-c14d3, and d1-c8d3
i3g, i3, i2, i2g, i2ne, i2gne, and i1
ebmg5, sccgn6, scch5, sccg5, scch5s, and sccg5s
t6, xn4, mn4, n4, e4, n2, and n1
gn6i

Low latency strategy

g8a and g8y
c8a and c8y
r8a and r8y

If the quota of ECS instances is exhausted, requests to add ECS instances to deployment sets or restart pay-as-you-go ECS instances in economical mode are denied. To increase the quota of ECS instances, submit an application in Quota Center.

For more information about the limits and quotas of deployment sets, see Limits.

Create a node pool and associate a deployment set with the node pool.

Use the following YAML template to create a node pool in an existing cluster, and then associate a deployment set with the node pool:

provider "alicloud" {
}

resource "alicloud_cs_kubernetes_node_pool" "test" {
  name                          = "tf-deploymentset"
  cluster_id                    = "c51a1ae4fcd754d4f9bc3b1****"
  vswitch_ids                   = ["vsw-bp1kh6qfb83vt****","vsw-bp13d9ojhwiimya****","vsw-bp1eyw8wt9k1d1l****","vsw-bp1nftkf9sk3fz****"] #Specify vSwitches that are deployed in different zones. This way, nodes that are added by Auto Scaling are evenly distributed across multiple zones. 
  instance_types                = ["ecs.c6.xlarge","ecs.c5.2xlarge","ecs.g5.2xlarge","ecs.i2g.2xlarge"]  #Specify instance types. 
  system_disk_category          = "cloud_ssd"
  system_disk_size              = 120

  # Specify the ID of the deployment set. 
  deployment_set_id             = "ds-bp1e19mmbsv3jf64****"

  instance_charge_type         = "PostPaid"
  security_group_id            = "sg-bp1ewlqw7ajyaqaz****"
  install_cloud_monitor        = true

  platform                     = "AliyunLinux"
  image_id                     = "aliyun_2_1903_x64_20G_alibase_20210726.vhd"

  password                     = "Hello1234"

  node_count                   = 3
}

The following sample code shows how to create a cluster and then create a node pool in the cluster. You must create a cluster before you can create a node pool.

provider "alicloud" {
}

variable "name" {
  default    = "tf-test"
}

data "alicloud_zones" default {
  available_resource_creation  = "VSwitch"
}

data "alicloud_instance_types" "default" {
  availability_zone            = data.alicloud_zones.default.zones.0.id
  cpu_core_count               = 2
  memory_size                  = 4
  kubernetes_node_role         = "Worker"
}

resource "alicloud_vpc" "default" {
  name                         = var.name
  cidr_block                   = "10.1.0.0/21"
}

resource "alicloud_vswitch" "default" {
  name                         = var.name
  vpc_id                       = alicloud_vpc.default.id
  cidr_block                   = "10.1.1.0/24"
  availability_zone            = "data.alicloud_zones.default.zones.0.id
}

resource "alicloud_key_pair" "default" {
  key_name                     = var.name
}

# Create a Container Service for Kubernetes (ACK) managed cluster. 
resource "alicloud_cs_managed_kubernetes" "default" {
  name                         = var.name
  count                        = 1
  cluster_spec                 = "ack.pro.small"
  is_enterprise_security_group = true
  worker_number                = 2
  password                     = "Hello1234"
  pod_cidr                     = "172.20.0.0/16"
  service_cidr                 = "172.21.0.0/20"
  worker_vswitch_ids           = [alicloud_vswitch.default.id]
  worker_instance_types        = [data.alicloud_instance_types.default.instance_types.0.id]
}

# Create a node pool that is associated with a deployment set in the cluster. 
resource "alicloud_cs_kubernetes_node_pool" "test" {
  name                          = "tf-deploymentset"
  cluster_id                    = "c51a1ae4fcd754d4f9bc3b1****"
  vswitch_ids                   = ["vsw-bp1kh6qfb83vt****","vsw-bp13d9ojhwiimya****","vsw-bp1eyw8wt9k1d1l****","vsw-bp1nftkf9sk3fz****"] #Specify vSwitches that are deployed in different zones. This way, nodes that are added by Auto Scaling are evenly distributed across multiple zones. 
  instance_types                = ["ecs.c6.xlarge","ecs.c5.2xlarge","ecs.g5.2xlarge","ecs.i2g.2xlarge"]  #Specify instance types. 
  system_disk_category          = "cloud_ssd"
  system_disk_size              = 120

  # Specify the ID of the deployment set. 
  deployment_set_id             = "ds-bp1e19mmbsv3jf64****"

  instance_charge_type         = "PostPaid"
  security_group_id            = "sg-bp1ewlqw7ajyaqaz****"
  install_cloud_monitor        = true

  platform                     = "AliyunLinux"
  image_id                     = "aliyun_2_1903_x64_20G_alibase_20210726.vhd"

  password                     = "Hello1234"

  node_count                   = 3
}

Run the following command to create the node pool:
```
terraform apply -target=alicloud_cs_kubernetes_node_pool.test
```
Results
After the node pool is created, you can use one of the following methods to verify the result.
- You can find the node pool that you created on the Node Pools page in the ACK console. You can click Edit in the Actions column to view the associated deployment set.
- You can find the deployment_set_id field below the node pool definition in the terraform.tfstate file.
```
"deployment_set_id": "ds-bp1e19mmbsv3jf64****"
```

References

Best practices for associating deployment sets with node pools