You can call the CreateCluster operation to create a managed Kubernetes cluster that contains a specified number of nodes.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request syntax

POST /clusters HTTP/1.1 
Content-Type:application/json
{
  "name" : "String",
  "region_id" : "String",
  "cluster_type" : "String",
  "cluster_spec" : "String",
  "kubernetes_version" : "String",
  "runtime" : {
    "name" : "String",
    "version" : "String"
  },
  "vpcid" : "String",
  "pod_vswitch_ids" : [ "String" ],
  "container_cidr" : "String",
  "service_cidr" : "String",
  "security_group_id" : "String",
  "is_enterprise_security_group" : Boolean,
  "snat_entry" : Boolean,
  "endpoint_public_access" : Boolean,
  "timezone" : "String",
  "node_cidr_mask" : "String",
  "user_data" : "String",
  "cluster_domain" : "String",
  "node_name_mode" : "String",
  "custom_san" : "String",
  "encryption_provider_key" : "String",
  "service_account_issuer" : "String",
  "api_audiences" : "String",
  "image_id" : "String",
  "rds_instances" : [ "String" ],
  "tags" : [ {
    "key" : "String",
    "value" : "String"
  } ],
  "addons" : [ {
    "name" : "String",
    "config" : "String",
    "disabled" : Boolean
  } ],
  "taints" : [ {
    "key" : "String",
    "value" : "String",
    "effect" : "String"
  } ],
  "cloud_monitor_flags" : Boolean,
  "platform" : "String",
  "os_type" : "String",
  "soc_enabled" : Boolean,
  "cis_enabled" : Boolean,
  "cpu_policy" : "String",
  "proxy_mode" : "String",
  "key_pair" : "String",
  "login_password" : "String",
  "num_of_nodes" : Long,
  "vswitch_ids" : [ "String" ],
  "worker_instance_types" : [ "String" ],
  "worker_system_disk_category" : "String",
  "worker_system_disk_size" : Long,
  "worker_data_disks" : [ {
    "category" : "String",
    "size" : Long,
    "encrypted" : "String",
    "auto_snapshot_policy_id" : "String"
  } ],
  "worker_instance_charge_type" : "String",
  "worker_period_unit" : "String",
  "worker_period" : Long,
  "worker_auto_renew" : Boolean,
  "worker_auto_renew_period" : Long,
  "instances" : [ "String" ],
  "format_disk" : Boolean,
  "keep_instance_name" : Boolean,
  "controlplane_log_ttl" : "String",
  "controlplane_log_project" : "String",
  "controlplane_log_components" : [ "String" ],
  "deletion_protection" : Boolean,
  "disable_rollback" : Boolean,
  "timeout_mins" : Long
}

Request parameters

Table 1. Request body parameters
Parameter Type Required Example Description
cluster_type String Yes ManagedKubernetes The type of cluster. Set the value to ManagedKubernetes to create a standard managed Kubernetes cluster.
key_pair String Yes secrity-key The name of the key pair. You must set this parameter or the login_password parameter.
login_password String Yes Hello@1234 The password for SSH logon. You must set this parameter or the key_pair parameter. The password must be 8 to 30 characters in length, and must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
name String Yes cluster-demo

The name of the ACK cluster.

The name must be 1 to 63 characters in length, and can contain digits, letters, and hyphens (-). It cannot start with a hyphen (-).

num_of_nodes Long Yes 3 The number of worker nodes that you want to create. Valid values: 0 to 100.
region_id String Yes cn-beijing The ID of the region where you want to deploy the cluster.
snat_entry Boolean No true

Specifies whether to configure Source Network Address Translation (SNAT) rules for the virtual private cloud (VPC) where your cluster is deployed.

  • If the VPC supports Internet access, set the value to false.
  • If the VPC does not support Internet access, valid values are:
    • true: configures SNAT rules. This enables Internet access for the cluster.
    • false: does not configure SNAT rules. In this case, the cluster cannot access the Internet.

If your applications deployed in the cluster need to access the Internet, we recommend that you set the value to true.

Default value: false.

vswitch_ids Array of String Yes ["vsw-2ze48rkq464rsdts1****"] The IDs of the vSwitches. You can specify one to three vSwitches.
worker_system_disk_category String Yes cloud_efficiency

The type of system disk that is specified for worker nodes. Valid values:

  • cloud_efficiency: ultra disk.
  • cloud_ssd: standard SSD.

Default value: cloud_ssd.

worker_system_disk_size Long Yes 120

The size of the system disk that is specified for worker nodes. Unit: GiB.

Valid values: 40 to 500.

The value of this parameter must be at least 40 and no less than the image size.

Default value: 120.

addons Array of addon No [{"name": "terway-eniip","config": ""}, {"name": "logtail-ds","config": "{\"IngressDashboardEnabled\":\"true\",\"sls_project_name\":\"your_sls_project_name\"}"}, {"name":"nginx-ingress-controller","config":"{\"IngressSlbNetworkType\":\"internet\"}"}]

The components that you want to install in the cluster. Parameter description:

  • name: the name of the component. This parameter is required.
  • config: This parameter is optional. If this parameter is left empty, it indicates that no configurations are required.
  • disabled: specifies whether to disable automatic installation. This parameter is optional.

Network plug-in: Required. Supported network plug-ins are Flannel and Terway. Select one of the plug-ins for the cluster.

  • Specify the Flannel plug-in in the following format: [{"name":"flannel","config":""}].
  • Specify the Terway plug-in in the following format: [{"name": "terway-eniip","config": ""}].

Volume plug-in: Required. Supported volume plug-ins are CSI and FlexVolume.

  • Specify the CSI plug-in in the following format: [{"name":"csi-plugin","config": ""},{"name": "csi-provisioner","config": ""}].
  • Specify the FlexVolume plug-in in the following format: [{"name": "flexvolume","config": ""}].

Log Service component: Optional.

Note If Log Service is not enabled, you cannot use the cluster auditing feature.
  • To use an existing Log Service project, specify the component in the following format: [{"name": "logtail-ds","config": "{\"IngressDashboardEnabled\":\"true\",\"sls_project_name\":\"your_sls_project_name\"}"}]
  • To create a Log Service project, specify the component in the following format: [{"name": "logtail-ds","config": "{\"IngressDashboardEnabled\":\"true\"}"}].

Ingress controller: Optional. By default, the nginx-ingress-controller component is installed in dedicated Kubernetes clusters.

  • To install nginx-ingress-controller and enable Internet access, specify the Ingress controller in the following format: [{"name":"nginx-ingress-controller","config":"{\"IngressSlbNetworkType\":\"internet\"}"}].
  • To disable the automatic installation of nginx-ingress-controller, specify the component in the following format: [{"name": "nginx-ingress-controller","config": "","disabled": true}].

Event center: Optional. By default, the event center feature is enabled. The event center feature allows you to log Kubernetes events, query events, and raise alerts. Logstores that are associated with the Kubernetes event center are free of charge for the first 90 days. For more information, see .

To enable the Kubernetes event center, specify the ack-node-problem-detector component in the following format: [{"name":"ack-node-problem-detector","config":"{\"sls_project_name\":\"

your_sls_project_name\"}"}].

cluster_spec String No ack.pro.small
The type of managed Kubernetes cluster. Valid values:
  • ack.pro.small: professional managed Kubernetes cluster.
  • ack.standard: standard managed Kubernetes cluster.

Default value: ack.standard. If you leave this parameter empty, a standard managed Kubernetes cluster is created.

For more information, see Introduction to professional managed Kubernetes clusters.

encryption_provider_key String No 0fe64791-55eb-4fc7-84c5-c6c7cdca****

The ID of the key that is managed by Key Management Service (KMS). This key is used to encrypt data disks. For more information, see What is Key Management Service?.

Note The key can be used only in professional managed Kubernetes clusters.
container_cidr String Yes 172.20.0.0/16

The CIDR block of pods. This CIDR block cannot overlap with the CIDR block of the VPC in which the cluster is deployed. If the VPC is automatically created by the system, the CIDR block of pods is set to 172.16.0.0/16 by default.

Note This parameter is required if the cluster uses the Flannel plug-in.
cloud_monitor_flags Boolean No true

Specifies whether to install the CloudMonitor agent. Valid values:

  • true: installs the CloudMonitor agent.
  • false: does not install the CloudMonitor agent.

Default value: false.

disable_rollback Boolean No true

Specifies whether to perform a rollback when the cluster fails to be created. Valid values:

  • true: performs a rollback when the cluster fails to be created.
  • false: does not perform a rollback when the cluster fails to be created.

Default value: false.

endpoint_public_access Boolean No true Specifies whether to enable Internet access for the cluster. You can use an elastic IP address (EIP) to expose the API server. This way, you can access the cluster over the Internet. Valid values:
  • true: enables Internet access.
  • false: disables Internet access. If you set this parameter to false, the API server cannot be accessed over the Internet.

Default value: true.

proxy_mode String No ipvs

The kube-proxy mode. Valid values: iptables and ipvs. Default value: ipvs.

security_group_id String No sg-bp1bdue0qc1g7k1e**

The ID of the existing security group that is specified for the cluster. You must set this parameter or the is_enterprise_security_group parameter. Nodes in the cluster are automatically added to the specified security group.

is_enterprise_security_group Boolean No true

Specifies whether to create an advanced security group. This parameter takes effect only if security_group_id is left empty.

Note You must specify an advanced security group for a cluster that has Terway installed.
  • true: creates an advanced security group.
  • false: does not create an advanced security group.

Default value: false.

service_cidr String Yes 172.21.0.0/20

The CIDR block of Services. This CIDR block cannot overlap with the CIDR block of pods or the CIDR block of the VPC in which the cluster is deployed. If the VPC is automatically created by the system, the CIDR block of Services is set to 172.19.0.0/20 by default.

tags Array of tag No [{"key": "env", "value": "prod"}]
The labels that you want to add to the cluster. A label consists of the following parts:
  • key: the key of the label.
  • value: the value of the label.
timezone String No Asia/Shanghai

The time zone of the cluster.

taints Array of taint No [{"key": "env", "value": "private", "effect": "NoSchedule"}]

The taints that you want to add to nodes. Taints are added to nodes to prevent pods from being scheduled to inappropriate nodes. However, toleration rules allow pods to be scheduled to nodes with matching taints. For more information, see taint-and-toleration.

cluster_domain String No cluster.local

The domain name of the cluster.

The domain name consists of one or more parts that are separated by periods (.).Each part cannot exceed 63 characters in length, and can contain lowercase letters, digits, and hyphens (-). Each part must start and end with a lowercase letter or digit.

custom_san String No cs.aliyun.com

Specifies custom subject alternative names (SANs) for the API server certificate to accept requests from specified IP addresses or domain names. Multiple IP addresses and domain names are separated with commas (,).

service_account_issuer String No kubernetes.default.svc

A service account is used to provide an identity for pods when they communicate with the API server. service-account-issuer is the issuer of the service account token, which corresponds to the iss field in the token payload.

For more information about service accounts, see Enable service account token volume projection.

api_audiences String No kubernetes.default.svc

A service account is used to provide an identity for pods when they communicate with the API server. api-audiences are valid identifiers of tokens. Audiences are used to validate tokens at the API server side. Separate multiple audiences with commas (,).

For more information about service accounts, see Enable service account token volume projection.

node_name_mode String No aliyun.com00055test

The custom node name.

A node name consists of a prefix, an IP substring, and a suffix.

  • The prefix and suffix can contain one or more parts that are separated with periods (.).Each part can contain lowercase letters, digits, and hyphens (-), and must start and end with a digit or lowercase letter.
  • The IP substring length specifies the number of digits to be truncated from the end of the node IP address. The IP substring length ranges from 5 to 12.

For example, if the node IP address is 192.168.0.55, the prefix is aliyun.com, the IP substring length is 5, and the suffix is test, the node name is aliyun.com00055test.

rds_instances Array of String No rm-2zev748xi27xc****

The names of ApsaraDB RDS instances.

image_id String No m-bp16z7xko3vvv8gt****

Specifies a custom image for nodes. By default, the system image is used. You can select a custom image to replace the default image. For more information, see Use a custom image to create an ACK cluster.

pod_vswitch_ids Array of String Yes vsw-2ze97jwri7cei0mpw****

Specifies the vSwitches that are allocated to pods. You must set this parameter if the cluster has Terway installed because each pod in the cluster uses a separate IP address.

instances Array of String No i-2ze4zxnm36vq00xn****

The names of instances.

format_disk Boolean No false

Specifies whether to mount a data disk to nodes that are created on existing Elastic Compute Service (ECS) instances. Valid values:

  • true: stores the data of containers and images on a data disk. The original data on the disk will be overwritten. Back up data before you mount the disk.
  • false: does not store the data of containers and images on a data disk.

Default value: false.

How to mount a data disk:

  • If the ECS instances have data disks mounted and the file system of the last data disk is not initialized, the system automatically formats the data disk to ext4. Then, the system mounts the data disk to /var/lib/docker and /var/lib/kubelet.
  • The system does not create or mount a new data disk if no data disk has been mounted to the ECS instances.
keep_instance_name Boolean No true

Specifies whether to retain the names of existing ECS instances that are used in the cluster.

  • true: retains the names.
  • false: does not retain the names. The new names are assigned by the system.

Default value: true.

timeout_mins Long No 60

Specifies the timeout period of cluster creation. Unit: minutes.

Default value: 60.

vpcid String Yes vpc-2zeik9h3ahvv2zz95****

The ID of the VPC where you want to deploy the cluster.

worker_auto_renew Boolean No true

Specifies whether to enable auto-renewal for worker nodes. This parameter takes effect only if worker_instance_charge_type is set to PrePaid. Valid values:

  • true: enables auto-renewal.
  • false: disables auto-renewal.

Default value: true.

worker_auto_renew_period Long No 1

The cycle of auto-renewal. This parameter takes effect and is required only if the subscription billing method is selected for worker nodes.

Valid values: 1, 2, 3, 6, and 12.

worker_data_disks Array of data_disk No [{"category": "cloud_ssd", "size": "40", "auto_snapshot_policy_id": "sp-bp14j6w7ss6ozzbp**"}] The configurations of the data disks that are mounted to worker nodes. Each configuration includes disk type and disk size.
worker_data_disk_category String No The category of the data disk. Valid values:
  • cloud_efficiency: ultra disk.
  • cloud_ssd: standard SSD.
  • cloud: basic disk.
Default value: cloud_efficiency.
Note This parameter is obsolete and replaced by the category field in the worker_data_disks parameter.
worker_data_disk_size Long No The size of the data disk. Unit: GiB.
Note This parameter is obsolete and replaced by the size field in the worker_data_disks parameter.
worker_instance_charge_type String No PrePaid

The billing method of worker nodes. Valid values:

  • PrePaid: subscription
  • PostPaid: pay-as-you-go.

Default value: PostPaid.

worker_period Long No 1

The subscription duration of worker nodes. This parameter takes effect and is required only if worker_instance_charge_type is set to PrePaid.

Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60.

Default value: 1

worker_period_unit String No Month

The billing cycle of worker nodes. This parameter is required if worker_instance_charge_type is set to PrePaid.

Set the value to Month. Worker nodes can be billed only on a monthly basis.

worker_instance_types Array of String Yes ["ecs.n4.xlarge"]

The instance types of worker nodes. You must specify at least one instance type. For more information, see Instance families.

Note The instance types are listed in descending order of priority. If worker nodes fail to be created based on the instance type of the highest priority, the system automatically attempts to create worker nodes by using the instance type of the next highest priority.
cpu_policy String No none

The CPU policy. The following policies are supported if the cluster version is 1.12.6 or later.

  • static: This policy allows pods with specific resource characteristics on the node to be granted with enhanced CPU affinity and exclusivity.
  • none: This policy indicates that the default CPU affinity is used.

Default value: none.

runtime runtime No {"name": "docker", "version": "19.03.5"} The container runtime of the cluster. The following runtimes are supported: containerd, Docker, and Sandboxed-Container. The default runtime is Docker. You must specify the name and version of the container runtime.
  • name: the name of the container runtime.
  • version: the version of the container runtime.

For more information about how to select a proper container runtime, see Comparison of Docker, containerd, and Sandboxed-Container.

platform String No CentOS

The release version of the operating system. Valid values:

  • CentOS
  • AliyunLinux
  • QbootAliyunLinux
  • Qboot
  • Windows
  • WindowsCore

Default value: CentOS.

user_data String No IyEvdXNyL2Jpbi9iYXNoCmVjaG8gIkhlbGxvIEFD****

The user-defined data. For more information, see Overview of ECS instance user data.

os_type String No Linux

The type of operating system. Valid values:

  • Windows
  • Linux

Default value: Linux.

soc_enabled Boolean No false

Valid values:

  • true: enables reinforcement based on classified protection.
  • false: disables reinforcement based on classified protection.

Default value: false.

cis_enabled Boolean No false

Specifies whether to enable Center for Internet Security (CIS) reinforcement. For more information, see CIS reinforcement.

Valid values:

  • true: enables CIS reinforcement.
  • false: disables CIS reinforcement.

Default value: false.

node_cidr_mask String No 25

The maximum number of IP addresses that can be assigned to nodes. This number is determined by the specified pod CIDR block. This parameter takes effect only if the cluster uses the Flannel plug-in.

Default value: 25.

kubernetes_version String No 1.16.9-aliyun.1

The version of the cluster. The cluster versions provided by ACK are consistent with the open source versions. We recommend that you select the latest version. If you do not specify this parameter, the latest version is used. You can create clusters of the latest two versions in the ACK console. You can create ACK clusters of other versions by calling API operations. For more information about the Kubernetes versions supported by ACK, see Overview of Kubernetes versions supported by ACK.

controlplane_log_ttl String No 30s

The interval at which the log of control plane components is collected.

controlplane_log_project String No k8s-log-xxx

The Log Service project that is used to store the log of control plane components. You can use an existing project or create one. If you choose to create a Log Service project, the created project is named k8s-log-{ClusterID}.

controlplane_log_components Array of String No ["apiserver","kcm","scheduler"]

The list of control plane components of which you want to collect the log.

By default, the log of kube-apiserver, kube-controller-manager, and kube-scheduler is collected.

deletion_protection Boolean No true

Specifies whether to enable deletion protection for the cluster. After deletion protection is enabled, the cluster cannot be deleted in the ACK console or by calling API operations. Valid values:

  • true: enables deletion protection for the cluster.
  • false: disables deletion protection for the cluster.

Default value: false.

Response syntax

HTTP/1.1 200
Content-Type:application/json
{
  "cluster_id" : "String",
  "request_id" : "String",
  "task_id" : "String"
}

Response parameters

Table 2. Response body parameters
Parameter Type Example Description
cluster_id String cb95aa626a47740afbf6aa099b650****

The ID of the ACK cluster.

request_id String 687C5BAA-D103-4993-884B-C35E4314A1E1

The ID of the request.

task_id String T-5a54309c80282e39ea00002f

The ID of the task.

Examples

Sample requests

POST /clusters 
<Common request headers>
{
    "name":"managed Kubernetes cluster",                      // The name of the cluster. #required
    "cluster_type":"ManagedKubernetes",     // The type of cluster. #required
    "disable_rollback":true,                // Specifies whether a rollback is performed when the cluster fails to be created. 
    "timeout_mins":60,                      // The timeout period of cluster creation. 
    "kubernetes_version":"1.18.8-aliyun.1", // The Kubernetes version of the cluster. Only the latest two versions are available. 
    "region_id":"cn-zhangjiakou",  // The ID of the region where the cluster is deployed. #required 
    "snat_entry":true,             // Specifies whether SNAT rules are configured for the VPC where the cluster is deployed to enable Internet access for the cluster. 
    "cloud_monitor_flags":true,    // Specifies whether the CloudMonitor agent is installed on ECS instances. 
    "endpoint_public_access":true, // Specifies whether Internet access is enabled for the cluster.  
    "controlplane_log_ttl" : "30s",
    "controlplane_log_project" : "k8s-log-xxx",
    "controlplane_log_components" : ["apiserver","kcm","scheduler"],
    "deletion_protection":true,    // Specifies whether deletion protection is enabled for the cluster. 
    "node_cidr_mask":"26",         // The maximum number of IP addresses that can be assigned to each node. This number is determined by the subnet mask of the specified CIDR block. 
    "proxy_mode":"ipvs",           // The kube-proxy mode. Valid values: iptables and ipvs. 
    "tags":[                       // The labels that are added to the cluster. The labels are applied to the ACK cluster, ECS instances, and nodes in the cluster. 
        {
            "key":"tag-k",
            "value":"tag-v"
        }
    ],
    "timezone":"Asia/Shanghai",   // The time zone of the cluster.
    "addons":[                    // The components that are installed for the cluster.
        {
            "name":"flannel"      // To install the Terway plug-in for the cluster, replace the value with {"name":"terway-eni"}. 
        },
        {
            "name":"csi-plugin"
        },
        {
            "name":"csi-provisioner"
        },
        {
            "name":"logtail-ds",
            "config":"{\"IngressDashboardEnabled\":\"true\"}"
        },
        {
            "name":"ack-node-problem-detector",
            "config":"{\"sls_project_name\":\"\"}"
        },
        {
            "name":"nginx-ingress-controller",                      // The name of the component.
            "config":"{\"IngressSlbNetworkType\":\"internet\"}",    // The configuration of the component.
            "disabled": true                                        // Specifies whether automatic installation is disabled. 
        },
        {
            "name":"arms-prometheus"
        }
    ],
    "cluster_spec":"ack.pro.small",       // The type of managed Kubernetes cluster. ack.pro.small indicates a professional managed Kubernetes cluster. ack.standed indicates a standard managed Kubernetes cluster. 
    "encryption_provider_key":"8734596c-c0d6-4a63-a76e-fe72c7b0****", // The ID of the key that is managed by KMS. The key is used to encrypt Kubernetes Secrets. 
    "os_type":"Linux",        // The type of operating system. Valid values: Linux and Windows. 
    "platform":"AliyunLinux", // The release version of the operating system. Valid values: CentOS, AliyunLinux, Windows, and WindowsCore. 
    "user_data":"IyEvdXNyL2Jpbi9iYXNoCmVjaG8gIkhlbGxvIEFDSyEi", // The user-defined data. 
    "runtime":{             // The container runtime.
        "name":"docker",    // The name of the container runtime.
        "version":"19.03.5" // The version of the container runtime.
    },
    "worker_instance_types":[  // The instance types of worker nodes. #required
        "ecs.t6-c1m4.large"
    ],
    "num_of_nodes":3,                              // The number of worker nodes. #required
    "worker_system_disk_category":"cloud_essd",    // The type of system disk that is specified for worker nodes. #required
    "worker_system_disk_size":120,                 // The size of the system disk that is specified for worker nodes. #required
    "worker_data_disks":[                          // The configurations of the data disks that are mounted to worker nodes.
        {
            "category":"cloud_efficiency",        // The type of data disk. 
            "size":"40",                          // The size of the data disk. Valid values: 40 to 32768. 
            "encrypted":"true",                   // Specifies whether disk encryption is enabled. 
            "auto_snapshot_policy_id":"sp-8vbajx6y2hk21hco****", // The ID of the policy that is used to back up the data disk. 
        }
    ],
    "worker_instance_charge_type":"PrePaid",      // The billing method of worker nodes. Valid values: PostPaid and PrePaid. 
    "worker_period_unit":"Month",                 // The cycle of auto-renewal. Unit: Month. 
    "worker_period":1,                            // The duration of auto-renewal. Default value: 1. 
    "worker_auto_renew":true,                     // Specifies whether auto-renewal is enabled for worker nodes. 
    "worker_auto_renew_period":1,                 // The duration of auto-renewal that takes effect after the worker nodes expire. 
    "vpcid":"vpc-8vbh3b9a2f38urhls****",          // The ID of the VPC where the cluster is deployed.  #required
    "container_cidr":"172.20.0.0/16",             // The CIDR block of pods. #required. This is not required if the network plug-in is Terway. 
    "service_cidr":"172.21.0.0/20",               // The CIDR block of Services.  #required
    "vswitch_ids":[                               // The IDs of vSwitches that are specified for the cluster.  #required
        "vsw-8vbmoffowsztjaawj****"
    ],
    "login_password":"Hello1234",                 // The password that is used to log on to nodes in the cluster as the root user. You must set the login_password or key_pair parameter.  #required
    "key_pair": "key_pair": "sin-name",                       // The key pair that is used to log on to nodes in the cluster as the root user. You must set the login_password or key_pair parameter.  #required
    "cpu_policy":"none",                 // The CPU policy that is specified for nodes in the cluster. Valid values: static and none. 
    "taints":[                           // The taints that are added to nodes. 
        {
            "key":"1",                   // The key of the taint. 
            "value":"1",                 // The value of the taint. 
            "effect":"NoSchedule"        // The pod scheduling policy. 
        }
    ],
    "cluster_domain":"cluster.local",    // The domain name of the cluster. Default value: cluster.local. 
    "custom_san":"cs.aliyuncs.com",      // The custom SANs for the API server certificate. 
    "service_account_issuer":"kubernetes.default.svc", // Service account token volume projection. service_account_issuer is the issuer of the service account token, which corresponds to the iss field in the token payload. 
    "api_audiences":"kubernetes.default.svc",          // Service account token volume projection. api-audiences are valid identifiers of tokens. Audiences are used to validate tokens at the API server side. 
    "node_name_mode":"customized,aliyun.com,5,k8s",    // The user-specified names for nodes. 
    "security_group_id":"sg-8vb7grbyvlb10j0i****",     // The existing security group that is used for the cluster. You must set the security_group_id or is_enterprise_security_group parameter. 
    "is_enterprise_security_group":true,               // Specifies whether an advanced security group is automatically created. You must set the security_group_id or is_enterprise_security_group parameter. 
    "rds_instances": ["rm-xx","rm-xx"],                // The ApsaraDB RDS whitelists. 
    "image_id":"CentOS-xxx",                           // The custom image for nodes. 
    "pod_vswitch_ids":[                                // The vSwitches that are allocated to pods. You must specify vSwitches for pods if the cluster has Terway installed because each pod uses a separate IP address.                      
        "vsw-8vbo5fwyqiw0bbtlq****"
    ],
    "instances": [                // A list of the existing instances that you want to use to create worker nodes. 
        "i-dewgagxdfa****",
        "i-3kjaf9q43l****"
    ],
    "format_disk": false,        // Specifies whether a data disk is mounted to worker nodes. A data disk is formatted after it is mounted to worker nodes. Back up data before you mount a disk. 
    "keep_instance_name": true   // Specifies whether the names of ECS instances are retained. Default value: true. 
}

Sample success responses

XML format
<cluster_id>cb95aa626a47740afbf6aa099b65****</cluster_id>
<task_id>687C5BAA-D103-4993-884B-C35E4314A1E1</task_id>
<request_id>T-5a54309c80282e39ea00002f</request_id>

JSON format

{
    "cluster_id": "cb95aa626a47740afbf6aa099b65****",
    "request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1",
    "task_id": "T-5a54309c80282e39ea00002f"
}

Error codes

For a list of error codes, visit the API Error Center.