Creates an elastic container instance.

Description

When you call the CreateContainerGroup operation to create an elastic container instance, the system creates a service-linked role named AliyunServiceRoleForECI. This role is used to access other Alibaba Cloud services such as Elastic Compute Service (ECS) and Virtual Private Cloud (VPC). For more information, see Elastic Container Instance service-linked role.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateContainerGroup

The operation that you want to perform. Set the value to CreateContainerGroup.

Container.N.Image String Yes registry-vpc.cn-hangzhou.aliyuncs.com/eci_open/nginx:latest

The image of container N.

Container.N.Name String Yes nginx

The image name of container N.

ContainerGroupName String Yes nginx-test

The name of the elastic container instance.

RegionId String Yes cn-hangzhou

The ID of the region.

ZoneId String No cn-hangzhou-b

The zone to which the instance belongs. If you do not specify a value for this parameter, the system selects a zone.

By default, this parameter is empty.

SecurityGroupId String No sg-uf66jeqopgqa9hdn****

The ID of the security group to which the instance is assigned. Instances within the same security group can access each other.

If you do not specify a security group, the system automatically uses the default security group in the region that you selected. You must make sure that the inbound rules of the security group contain the protocols and ports of the containers to be exposed. If you do not have a default security group in the region, the system automatically creates a default security group and adds the declared container protocols and ports to the inbound rules of the security group.

VSwitchId String No vsw-bp1xpiowfm5vo8o3c****,vsw-bp1rkyjgr1xwoho6k****

The ID of the vSwitch to which the instance is connected. You can specify up to 10 vSwitch IDs. Separate multiple vSwitch IDs with commas (,), for example, vsw-***,vsw-***.

If no vSwitch is specified, the system automatically uses the default vSwitch in the default VPC in the region that you selected. If you do not have a default VPC or a default vSwitch in the region, the system automatically creates a default VPC and a default vSwitch.

Note The number of IP addresses in the vSwitch CIDR block determines the maximum number of elastic container instances that you can create in the vSwitch. Before you create an elastic container instance container group, you must plan the CIDR block of the vSwitch.
RestartPolicy String No Always

The policy to restart the instance. Valid values:

  • Always: Always restarts the instance.
  • Never: Never restarts the instance.
  • OnFailure: Restarts the instance when the last start failed.

    Default value: Always.

EipInstanceId String No eip-uf66jeqopgqa9hdn****

The ID of the elastic IP address (EIP).

Cpu Float No 1.0

The number of vCPUs.

Memory Float No 2.0

The size of the memory.

ResourceGroupId String No rg-uf66jeqopgqa9hdn****

The ID of the resource group.

DnsPolicy String No Default

The DNS policy.

ClientToken String No 123e4567-xxxx-12d3-xxxx-426655440000

The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must make sure that the value is unique among different requests. The token can only contain ASCII characters and cannot exceed 64 characters in length. For more information, see Ensure idempotence.

InstanceType String No ecs.c5.xlarge

The ECS instance type. Different instance types are supported.

SlsEnable Boolean No false

Specifies whether to enable logging. Default value: false.

ImageSnapshotId String No imc-2zebxkiifuyzzlhl****

The ID of the image cache snapshot.

RamRoleName String No RamTestRole

The name of the instance RAM role. You can use a Resource Access Management (RAM) role to log on to elastic container instances and ECS instances. For more information, see Use an instance RAM role by calling API operations.

TerminationGracePeriodSeconds Long No 60

The buffer time in which the program handles operations before the program is stopped.

AutoMatchImageCache Boolean No false

Specifies whether to automatically match the image cache. Default value: false.

Ipv6AddressCount Integer No 1

The number of IPv6 addresses.

ActiveDeadlineSeconds Long No 1000

The validity period. Unit: seconds.

SpotStrategy String No SpotPriceLimit

The preemption policy for the instance. Valid values:

  • NoSpot: The elastic container instance is a pay-as-you-go elastic container instance.
  • SpotWithPriceLimit: The elastic container instance is a preemptible elastic container instance that has a user-defined maximum hourly price.
  • SpotAsPriceGo: The elastic container instance is a preemptible elastic container instance whose price is based on the current market price.

Default value: NoSpot.

SpotPriceLimit Float No 0.025

The maximum hourly price of the preemptible elastic container instance. The value can be accurate to three decimal places.

If you set SpotStrategy to SpotWithPriceLimit, you must configure the SpotPriceLimit parameter.

CorePattern String No /xx/xx/core

The directory to store core dump files.

Note The configured path cannot start with |. You cannot use core dump files to configure executable programs.
AutoCreateEip Boolean No true

Specifies whether to automatically create an EIP and bind the EIP to the elastic container instance.

EipBandwidth Integer No 5

The bandwidth of the EIP. The default value is 5.

HostName String No test

The name of the elastic container instance.

IngressBandwidth Long No 1024000

The maximum inbound bandwidth. Unit: byte.

EgressBandwidth Long No 1024000

The maximum outbound bandwidth. Unit: byte.

CpuOptionsCore Integer No 2

The number of physical CPU cores. You can customize this number for only some instance types. For more information, see Customize CPU options.

CpuOptionsThreadsPerCore Integer No 2

The number of threads per core. You can customize this number for only some instance types. If you set this parameter to 1, Hyper-Threading is disabled. For more information, see Customize CPU options.

EphemeralStorage Integer No 20

The size of the temporary storage space. By default, an ESSD of the PL1 type is used. Unit: GiB.

SpotDuration Long No 1

The protection period of the preemptible instance. Unit: hours. Valid values: 0 to 6. Default value: 1.

Tag.N.Key String No version

The key of tag N.

Tag.N.Value String No 3

The value of tag N.

ImageRegistryCredential.N.Password String No yourpaasword

The password that is used to log on to the image repository N.

ImageRegistryCredential.N.Server String No registry-vpc.cn-shanghai.aliyuncs.com

The address of the image repository N.

ImageRegistryCredential.N.UserName String No yourusername

The username that is used to log on to image repository N.

Container.N.ReadinessProbe.TimeoutSeconds Integer No 1

The timeout period of the health check. Default value: 1. Minimum value: 1. Unit: seconds.

Container.N.ReadinessProbe.SuccessThreshold Integer No 1

The minimum number of consecutive times that a health check must succeed after a failed check before the health check is declared successful. Default value: 1. Set the value to 1.

Container.N.SecurityContext.Capability.Add.N RepeatList No NET_ADMIN

The permissions granted to processes in the container. Only NET_ADMIN and NET_RAW are supported.

Note By default, NET_RAW is not supported. To use NET_RAW submit a ticket.
Container.N.ReadinessProbe.TcpSocket.Port Integer No 8000

The port detected by Transmission Control Protocol (TCP) sockets when you use TCP sockets to perform health checks.

Container.N.ReadinessProbe.HttpGet.Scheme String No HTTP

The protocol type of HTTP GET requests when you use HTTP requests to perform health checks. Valid values:

  • HTTP
  • HTTPS
Container.N.LivenessProbe.PeriodSeconds Integer No 5

The interval at which the container is checked. Default value: 10. Minimum value: 1. Unit: seconds.

Container.N.SecurityContext.ReadOnlyRootFilesystem Boolean No true

Specifies whether the root file system on which the container runs is read-only. Valid value: true.

Container.N.EnvironmentVar.N.Key String No PATH

The name of the environment variable. The name must be 1 to 128 characters in length. Format requirements: The characters must be within the range of [0-9a-zA-Z]. The name can contain underscores and cannot start with a number.

Container.N.EnvironmentVar.N.Value String No /usr/local/bin

The value of the environment variable. The value must be 2 to 256 characters in length.

Container.N.EnvironmentVar.N.FieldRef.FieldPath String No status.podIP

The reference of the environment variable value. Only status.podIP is supported.

Container.N.LivenessProbe.TcpSocket.Port Integer No 8000

The port detected by TCP sockets when you use TCP sockets to perform health checks.

Container.N.Tty Boolean No false

Specifies whether to enable interaction. Default value: false.

If the command is a /bin/bash command, set the value to true.

Container.N.WorkingDir String No /usr/local/

The working directory of the container.

Container.N.Arg.N RepeatList No 100

The arguments that correspond to the startup commands of the container. You can specify up to 10 arguments.

Container.N.Stdin Boolean No false

Specifies whether the init container allocates buffer resources to standard input streams when the container is running. If this parameter is not specified, an EoF error may occur. Default value: false.

Container.N.LivenessProbe.InitialDelaySeconds Integer No 5

The number of seconds after the container is started before probes are started.

Container.N.VolumeMount.N.MountPropagation String No None

The mount propagation setting of the volume. Mount propagation allows volumes that are mounted by one container to be shared to other containers in the same pod, or to other pods on the same node. Valid values:

  • None: The volume mount does not receive subsequent mounts that are mounted to this volume or its subdirectories.
  • HostToCotainer: The volume mount receives all subsequent mounts that are mounted to this volume or its subdirectories.
  • Bidirectional: This value is similar to HostToCotainer. The volume mount receives all subsequent mounts that are mounted to this volume or its subdirectories. In addition, all volume mounts that are created by the container are propagated back to the instance and to all containers of all pods that use the same volume.

Default value: None.

Container.N.VolumeMount.N.MountPath String No /pod/data

The directory on which the container mounts the data volume.

Note Data under this directory is overwritten by the data on the volume.
Container.N.VolumeMount.N.ReadOnly Boolean No false

Specifies whether the volume is read-only. Default value: false.

Container.N.VolumeMount.N.SubPath String No data2/

The subdirectory of the volume.

Container.N.VolumeMount.N.Name String No default-volume1

The name of volume N. The name of volume N is the same as the name of the volume that is mounted to the containers.

Container.N.ImagePullPolicy String No Always

The policy to pull an image.

Container.N.StdinOnce Boolean No false

Specifies whether standard input streams are disconnected after a client is disconnected. If Container.N.StdinOnce is set to true, standard input streams remain connected during multiple sessions.

If Container.N.StdinOnce is set to true, standard input streams are connected after the container is started and remain idle until a client is connected to receive data. After the client is disconnected, streams are also disconnected and remain in the disconnected state until the container is started again.

Container.N.LifecyclePreStopHandlerTcpSocketPort Integer No 90

The port detected by TCP sockets when you use TCP sockets to specify the preStop callback function.

Container.N.LifecyclePostStartHandlerHttpGetPath String No /healthyz

The port to which HTTP GET requests are sent when you use HTTP requests to specify the postStart callback function.

Container.N.ReadinessProbe.PeriodSeconds Integer No 3

The interval at which the container is checked. Default value: 10. Minimum value: 1. Unit: seconds.

Container.N.LivenessProbe.SuccessThreshold Integer No 1

The minimum number of consecutive times that a health check must succeed after a failed check before the health check is declared successful. Default value: 1. Set the value to 1.

Container.N.Command.N RepeatList No sleep

The startup commands of the container. You can specify up to 20 commands. Each command contains a maximum of 256 characters.

Container.N.LifecyclePostStartHandlerTcpSocketPort Integer No 80

The port detected by TCP sockets when you use TCP sockets to specify the postStart callback function.

Container.N.ReadinessProbe.HttpGet.Path String No /healthz

The path to which HTTP GET requests are sent when you use HTTP requests to perform health checks.

Container.N.LivenessProbe.Exec.Command.N RepeatList No cat /tmp/healthy

Command N to be executed in the container when the health check is performed by using the command line interface (CLI).

Container.N.LifecyclePostStartHandlerExec.N RepeatList No ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]

Command N to be executed in the container when you specify the postStart callback function by using the CLI.

Container.N.LifecyclePostStartHandlerHttpGetScheme String No HTTPS

The protocol type of HTTP GET requests when you use HTTP requests to specify the postStart callback function. Valid values:

  • HTTP
  • HTTPS
Container.N.LifecyclePostStartHandlerHttpGetHost String No 10.0.XX.XX

The address of the host that receives HTTP Get requests when you use HTTP requests to specify the postStart callback function.

Container.N.LifecyclePreStopHandlerHttpGetPath String No /healthyz

The path to which HTTP GET requests are sent when you use HTTP requests to specify the preStop callback function.

Container.N.Port.N.Protocol String No TCP

The protocol type. Valid values:

  • TCP
  • UDP
Container.N.Port.N.Port Integer No 80

The port number of the container. Valid values: 1 to 65535.

Container.N.LifecyclePreStopHandlerHttpGetScheme String No HTTP

The protocol type of HTTP GET requests when you use HTTP requests to specify the preStop callback function. Valid values:

  • HTTP
  • HTTPS
Container.N.LivenessProbe.HttpGet.Scheme String No HTTP

The protocol type of HTTP GET requests when you use HTTP requests to perform health checks. Valid values:

  • HTTP
  • HTTPS
Container.N.ReadinessProbe.HttpGet.Port Integer No 8080

The port to which HTTP GET requests are sent for health checks.

Container.N.LifecyclePostStartHandlerTcpSocketHost String No 10.0.XX.XX

The port detected by TCP sockets when you use TCP sockets to specify the postStart callback function.

Container.N.Gpu Integer No 1

The number of GPUs allocated to container N.

Container.N.ReadinessProbe.InitialDelaySeconds Integer No 3

The number of seconds after the container has started before probes are initiated.

Container.N.LifecyclePreStopHandlerExec.N RepeatList No ["/bin/sh", "-c","echo Hello from the preStop handler > /usr/share/message"]

Command N to be executed in the container when you specify the preStop callback function by using the CLI.

Container.N.Memory Float No 0.5

The amount of memory that is allocated to the container.

Container.N.LifecyclePreStopHandlerHttpGetHost String No 10.0.XX.XX

The address of the host that receives HTTP Get requests when you use HTTP requests to specify the preStop callback function.

Container.N.LifecyclePreStopHandlerTcpSocketHost String No 10.0.XX.XX

The address of the host detected by TCP sockets when you use HTTP requests to specify the preStop callback function.

Container.N.LifecyclePreStopHandlerHttpGetPort Integer No 88

The port to which HTTP GET requests are sent when you use HTTP requests to specify the preStop callback function.

Container.N.LivenessProbe.FailureThreshold Integer No 3

The minimum number of consecutive times that a health check must fail after a successful check before the health check is declared failed. Default value: 3.

Container.N.ReadinessProbe.Exec.Command.N RepeatList No cat /tmp/healthy

Command N to be executed in the container when the health check is performed by using the CLI.

Container.N.LifecyclePreStopHandlerHttpGetHttpHeader.N.Value String No test-preStop

The custom field value in the HTTP Get request header when you use HTTP requests to specify the preStop callback function.

Container.N.LifecyclePreStopHandlerHttpGetHttpHeader.N.Name String No Xiao-Custom-Header

The custom field value in the HTTP Get request header when you use HTTP requests to specify the preStop callback function.

Container.N.ReadinessProbe.FailureThreshold Integer No 3

The minimum number of consecutive times that a health check must fail after a successful check before the health check is declared failed. Default value: 3.

Container.N.Cpu Float No 0.25

The number of CPU cores in the container.

Container.N.LivenessProbe.HttpGet.Port Integer No 8888

The port to which HTTP GET requests are sent for health checks.

Container.N.LivenessProbe.HttpGet.Path String No /healthyz

The path to which HTTP GET requests are sent for health checks.

Container.N.LivenessProbe.TimeoutSeconds Integer No 1

The timeout period of the health check. Default value: 1. Minimum value: 1. Unit: seconds.

Container.N.SecurityContext.RunAsUser Long No 1000

The ID of the user that runs the container.

Container.N.LifecyclePostStartHandlerHttpGetPort Integer No 5050

The port to which HTTP Get requests are detected when you use HTTP requests to specify the postStart callback function.

Container.N.LifecyclePostStartHandlerHttpGetHttpHeader.N.Value String No test-postStart

The custom field value in the HTTP Get request header when you use HTTP requests to specify the postStart callback function.

Container.N.LifecyclePostStartHandlerHttpGetHttpHeader.N.Name String No Xiao-Custom-Header

The custom field name in the HTTP Get request header when you use HTTP requests to specify the postStart callback function.

Volume.N.Type String No ConfigFileVolume

The type of the volume.

Volume.N.DiskVolume.DiskSize Integer No 15

The storage size of the disk as a volume. Unit: GiB.

Volume.N.NFSVolume.Path String No /share

The path to the Network File System (NFS) volume.

Volume.N.DiskVolume.FsType String No xfs

The file system type of the disk as a volume.

Volume.N.FlexVolume.FsType String No ext4

The type of the file system for volume N. The default value is determined by the script of FlexVolume.

Volume.N.ConfigFileVolume.DefaultMode Integer No 0644

The default permissions on the ConfigFile volume.

Volume.N.NFSVolume.ReadOnly Boolean No false

Specifies whether the NFS volume is read-only. Default value: false.

Volume.N.ConfigFileVolume.ConfigFileToPath.N.Path String No liu/name

The relative path to the configuration file.

Volume.N.ConfigFileVolume.ConfigFileToPath.N.Mode Integer No 0644

The permissions on the ConfigFile volume.

Volume.N.ConfigFileVolume.ConfigFileToPath.N.Content String No bGl1bWk=

The content of the configuration file. Maximum size: 32 KB.

Volume.N.FlexVolume.Options String No {"volumeId":"d-2zehdahrwoa7srg****","performanceLevel": "PL2"}`

The FlexVolume objects. Each object is a key-value pair contained in a JSON string.

For example, when you use FlexVolume to mount a disk, the format of Options is {"volumeId":"d-2zehdahrwoa7srg****","performanceLevel": "PL2"}.

Volume.N.FlexVolume.Driver String No flexvolume

The name of the FlexVolume driver.

Volume.N.NFSVolume.Server String No 3f9cd4a596-naw76.cn-shanghai.nas.aliyuncs.com

The endpoint of the NFS server.

Volume.N.DiskVolume.DiskId String No d-xx

The ID of the disk as a volume.

Volume.N.Name String No default-volume1

The name of volume N.

Volume.N.EmptyDirVolume.Medium String No memory

The storage medium of the emptyDir volume. If you do not specify a storage medium for the emptyDir volume, the volume stores data in the file system of a node by default. A value of Memory specifies that the emptyDir volume stores data in the memory.

InitContainer.N.SecurityContext.Capability.Add.N RepeatList No NET_ADMIN

The permissions granted to processes in the container. Only NET_ADMIN and NET_RAW are supported.

Note By default, NET_RAW is not supported. To use NET_RAW, submit a ticket.
InitContainer.N.Image String No nginx

The container image.

InitContainer.N.VolumeMount.N.MountPropagation String No None

The mount propagation setting of the volume. Mount propagation allows volumes that are mounted by one container to be shared to other containers in the same pod, or to other pods on the same node. Valid values:

  • None: The volume mount does not receive subsequent mounts that are mounted to this volume or its subdirectories.
  • HostToCotainer: The volume mount receives all subsequent mounts that are mounted to this volume or its subdirectories.
  • Bidirectional: This value is similar to HostToCotainer. The volume mount receives all subsequent mounts that are mounted to this volume or its subdirectories. In addition, all volume mounts that are created by the container are propagated back to the instance and to all containers of all pods that use the same volume.

Default value: None.

InitContainer.N.VolumeMount.N.MountPath String No /usr/share/

The directory to which the volume is mounted. Data under this directory is overwritten by the data on the volume.

InitContainer.N.VolumeMount.N.ReadOnly Boolean No false

Specifies whether the mount path is read-only. Default value: false.

InitContainer.N.VolumeMount.N.SubPath String No /usr/sub/

The subdirectory of the volume. The container group can mount different directories of the same volume to different subdirectories of containers.

InitContainer.N.VolumeMount.N.Name String No test-empty

The name of the volume.

InitContainer.N.Port.N.Protocol String No TCP

The protocol type. Valid values:

  • TCP
  • UDP
InitContainer.N.Port.N.Port Integer No 8888

The port number of the container. Valid values: 1 to 65535.

InitContainer.N.SecurityContext.ReadOnlyRootFilesystem Boolean No true

Specifies whether the root file system is read-only. Valid value: true.

InitContainer.N.EnvironmentVar.N.Key String No Path

The name of the environment variable. The name must be 1 to 128 characters in length. Format requirements: The character must be within the range of[0-9a-zA-Z]. The name can contain underscores and cannot start with a number.

InitContainer.N.EnvironmentVar.N.Value String No /usr/bin/

The value of the environment variable. The value must be 2 to 256 characters in length.

InitContainer.N.EnvironmentVar.N.FieldRef.FieldPath String No status.podIP

The reference of the environment variable value. Only status.podIP is supported.

InitContainer.N.ImagePullPolicy String No Always

The policy to pull an image.

InitContainer.N.WorkingDir String No /usr/local

The working directory of the container.

InitContainer.N.Cpu Float No 0.5

The number of vCPUs.

InitContainer.N.Arg.N RepeatList No 10

The arguments that are passed to the commands.

InitContainer.N.Command.N RepeatList No sleep

The commands that are used to start the container.

InitContainer.N.Gpu Integer No 1

The number of GPUs that are allocated to container N.

InitContainer.N.SecurityContext.RunAsUser Long No 587

The ID of the user that runs the container.

InitContainer.N.Memory Float No 1.0

The size of the memory.

InitContainer.N.Name String No test-init

The name of the container.

DnsConfig.NameServer.N RepeatList No 172.10.*.**

The IP addresses of Domain Name System (DNS) servers.

DnsConfig.Search.N RepeatList No svc.local.kubenetes

The DNS lookup domains.

DnsConfig.Option.N.Value String No value

The value of the object.

DnsConfig.Option.N.Name String No name

The name of the object.

HostAliase.N.Ip String No 1.1.1.1

The IP address of the host.

HostAliase.N.Hostname.N RepeatList No hehe.com

The hostname of the container group.

SecurityContext.Sysctl.N.Value String No 65536

The variable value of the security context that the container group runs.

SecurityContext.Sysctl.N.Name String No kernel.msgmax

The name of the security context that the container group runs.

NtpServer.N RepeatList No ntp.cloud.aliyuncs.com

The domain name of the Network Time Protocol (NTP) server.

AcrRegistryInfo.N.Domain.N RepeatList No *****-****-registry.cn-beijing.cr.aliyuncs.com

Domain name N of the Container Registry Enterprise Edition instance. The default value is all domain names of the instance. You can specify multiple domain names. Separate multiple domain names with commas (,).

AcrRegistryInfo.N.InstanceName String No acr-test

The name of the Container Registry Enterprise Edition instance.

AcrRegistryInfo.N.InstanceId String No cri-nwj395hgf6f3****

The ID of the Container Registry Enterprise Edition instance.

AcrRegistryInfo.N.RegionId String No cn-beijing

The region ID of the Container Registry Enterprise Edition instance.

Response parameters

Parameter Type Example Description
ContainerGroupId String eci-uf6fonnghi50u374****

The ID of the elastic container instance.

RequestId String 89945DD3-9072-47D0-A318-353284CFC7B3

The ID of the request.

Examples

Sample requests

https://eci.aliyuncs.com/?Action=CreateContainerGroup
&Container.1.Image=registry-vpc.cn-hangzhou.aliyuncs.com/eci_open/nginx:latest
&Container.1.1ame=nginx
&ContainerGroupName=nginx-test
&RegionId=cn-hangzhou
&<Common request parameters>|

Sample success responses

XML format

<CreateContainerGroupResponse>
      <RequestId>89945DD3-9072-47D0-A318-353284CFC7B3    </RequestId>
      <ContainerGroupId>eci-uf6fonnghi50u374****</ContainerGroupId>
</CreateContainerGroupResponse>

JSON format

{
    "RequestId": "89945DD3-9072-47D0-A318-353284CFC7B3\t",
    "ContainerGroupId": "eci-uf6fonnghi50u374****"
}

Error codes

HttpCode Error code Error message Description
400 Account.Arrearage Your account has an outstanding payment. The error message returned because you have an overdue payment in your account.
400 DryRunOperation Request validation has been passed with DryRun flag set. The error message returned because the request is determined as valid in the dry run.
400 InvalidParameter.CPU.Memory The specified cpu and memory are not allowed The error message returned because the CPU and memory specifications are invalid.
400 InvalidParameter.DuplicatedName The container group include containers with duplicate names. The error message returned because the elastic container instance contains containers with duplicate names.
400 InvalidParameter.DuplicatedVolumeName The container group includes volumes with duplicate names. The error message returned because the elastic container instance contains volumes with duplicate names.
400 IncorrectStatus %s The error message returned because the status of the specified elastic container instance is invalid.
400 ServiceNotEnabled %s The error message returned because the service that is required to call the operation is not activated. Activate the service and try again later.
400 ImageSnapshot.IncorrectStatus %s The error message returned because the status of the image cache snapshot is invalid.
400 ImageSnapshot.NotSupport %s The error message returned because the image cache feature based on disk snapshots is not available to all users. If you need to use this feature, contact Alibaba Cloud customer service.
400 DiskVolume.NotSupport The disk volume is not supported. The error message returned because the disk cannot be used as a volume. If the error persists, contact Alibaba Cloud technical support personnel.
400 RamRole.NotSupport The RAM role is not supported. The error message returned because the specified RAM role is not supported.
400 DiskNumber.LimitExceed The maximum number of disks in an instance is exceeded. The error message returned because the maximum number of disks attached to the container group has been reached.
400 InvalidPaymentMethod.InsufficientBalance No payment method is specified for your account. We recommend that you add a payment method or add funds to the prepayment balance. The error message returned because a valid payment method is not specified for your Alibaba Cloud account. Specify a valid payment method or top up the balance.
400 DiskVolume.NotInSameZone The instance to be created and the disk are not in the same zone. The error message returned because the region of the instance that you want to create is not the same as the region of the disk.
400 NoPermission You are not authorized to use the "Product on ECI" feature. The error message returned because you are not authorized to use Elastic Container Instance.
400 HighCpuMemConfigRequired You need to apply to be added to the whitelist of the specified CPU and memory. The error message returned because your account is not authorized to use the specified CPU and memory resources.
400 RecommendEmpty.InstanceTypeFamilyNotMatched The recommended instance type is unavailable in the current zone. Try again later. The instance type of the instance that you want to create is unavailable in the specified zone. Try again later or create the instance in another zone.
400 LocalDiskAmountNotMatch The number of local volumes does not match the instance type. The number of local disks does not match the instance type.
400 Payfor.CreditPayInsufficientBalance Your payment credit line is insufficient. Your payment credit line is insufficient.
400 InvalidOperation.KMS.InstanceTypeNotSupport The specified instance is invalid. Only I/O optimized instances support KMS key. The error message returned because the specified instance is not supported. You can specify Key Management Service (KMS) keys only for I/O optimized instances.
400 InvalidParameter.Encrypted.KmsNotEnabled KMS must be enabled for encrypted disks. The error message returned because KMS is not activated. You must activate KMS to encrypt disks.
400 InvalidParameter.KMS.EncryptedIllegal After configuring the parameter KmsKeyId, you must enable encryption. The error message returned because the encryption feature is not enabled after a KMS key ID is specified.
403 OperationDenied.VswZoneMisMatch The specified VSwitchId is not in the specified Zone. The error message returned because the specified vSwitch is not deployed in the specified zone.
403 QuotaExceeded %s quota exceeded. The error message returned because the maximum number of elastic container instances that you can create has been reached.
403 Zone.NotOnSale The specified zone is not available for purchase. The error message returned because the specified zone is unavailable or because the vSwitches of the specified VPC are unavailable in the specified zone. Specify another zone.
403 Forbidden.RiskControl This operation has been identified as an abnormal operation and cannot be processed. The error message returned because the operation is determined as abnormal and cannot be performed.
403 Forbidden.SubUser The specified action is not available for you. The error message returned because you are not authorized to perform the operation.
403 Forbidden.OnlyForInvitedTest Eci create action is only open to invited users during public beta. The error message returned because Elastic Container Instance is available only to invited users during the public preview period.
403 OperationDenied.SecurityGroupMisMatch The specified VSwitchId and SecurityGroupId are not in the same VPC. The error message returned because the specified vSwitch and security group are not deployed in the same VPC.
403 InvalidVSwitchId.IpNotEnough The specified VSwitch does not have enough IP addresses. The error message returned because the vSwitch does not have sufficient IP addresses.
403 Forbidden.UserBussinessStatus This operation is not allowed, because you have overdue bills. Pay the overdue bill and try again. The error message returned because you have an overdue payment. Settle the overdue payment and try again later.
403 Forbidden.UserNotRealNameAuthentication This operation is not allowed, because you have not passed the real-name verification. The error message returned because you have not completed real-name verification and the operation is not allowed.
403 InvalidUser.PassRoleForbidden The RAM user is not authorized to assume a RAM role. The error message returned because RAM users do not have the permissions to assume a RAM role.
403 OperationDenied.NoStock Sales of this resource are temporarily suspended in the specified zone. We recommend that you use the multi-zone creation function to avoid the risk of insufficient resource. For more information, see https://help.aliyun.com/document_detail/157290.html The error message returned because the available resources are insufficient. Try another region or other instance types. To ensure that the available resources are sufficient, we recommend that you specify multiple zones and instance types. For more information, see https://www.alibabacloud.com/help/doc-detail/157290.html.
403 InvalidParameter.KMS.KeyId.Forbidden You are not authorized to access the specified KMSKeyId. You are not authorized to access the specified KMS Key ID.
403 NoPermission The RAM role AliyunECIContainerGroupRole does not belong to eci.aliyuncs.com. Please check and try again. The error message returned because the AliyunECIContainerGroupRole RAM role does not belong to eci.aliyuncs.com. Check the RAM role and try again.
403 Forbidden.AccountClosed The operation is forbidden. Your account has been closed. You are not allowed to perform the operation because your account is canceled.
403 InvalidOperation.ResourceManagedByCloudProduct The operation is forbidden. The security group has been managed by another cloud product. You are not allowed to perform the operation because the security group is managed by another cloud service.
403 Spot.NotMatched %s. We recommend that you use the create multi-zone function to avoid insufficient inventory. For more information, see https://help.aliyun.com/document_detail/157290.html %s. The error message returned because the inventory of the resource is insufficient. We recommend that you specify multiple zones and instance types to avoid insufficient resources. For more information, see https://www.alibabacloud.com/help/doc-detail/157290.htm?spm=a2c63.l28256.b99.50.3eaf3b03g0ERpm.
403 SecurityRisk.3DVerification We have detected a security risk with your default credit or debit card. Please proceed with verification via the link in your email. The error message returned because your default credit card or debit card is exposed to security risks. Click the link in the email for verification.
403 CreateServiceLinkedRole.Denied Please make sure the account has ram:CreateServiceLinkedRole permission. The error message returned because you do not have the ram:CreateServiceLinkedRole permission.
404 ImageSnapshot.NotFound The specified snapshot does not exist. The error message returned because no image cache or snapshot exists.
404 InvalidDiskId.NotFound The specified disk does not exist. The error message returned because the specified disk does not exist.
404 InvalidParameter.KMS.KeyId.NotFound The specified KMSKeyId does not exist. The error message returned because the specified KMSKeyId parameter does not exist.

For a list of error codes, visit the API Error Center.