Call the CreateContainerGroup operation to create an ECI instance - Elastic Container Instance - Alibaba Cloud - Elastic Container Instance

Calls CreateContainerGroup to create an ECI instance (container group).

Operation description

When you call CreateContainerGroup to create an ECI instance, the system automatically creates a service-linked role AliyunServiceRoleForECI for you to access related cloud services such as ECS and VPC. For more information, see ECI service-linked role.

When creating an ECI instance, you can configure instance, image, storage, and other related features as needed. For the parameters and descriptions of each feature, see the following documentation:

Instance

ECI supports the following two methods to create instances:

The following features are supported by both creation methods:

Image

Network

Storage

Container configuration

Logging and O&M

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

eci:CreateContainerGroup

create

*ContainerGroup

acs:eci:{#regionId}:{#accountId}:containergroup/*

eci:tag

None

Request parameters

Parameter	Type	Required	Description	Example
RegionId	string	Yes	The region ID.	cn-hangzhou
RegionId	string	Yes	The region ID.	cn-hangzhou
ZoneId	string	No	The zone of the instance. If the value is empty, the system automatically selects a zone. Default value: empty.	cn-hangzhou-b
SecurityGroupId	string	No	The ID of the security group to which the instance belongs. Instances in the same security group can access each other. If no security group is specified, the system automatically uses the default security group in the region that you selected. Make sure that the inbound rules of the security group contain the protocols and port numbers of the containers that you want to expose. If you do not have a default security group in the region, the system creates a default security group and adds the declared container protocols and port numbers to the inbound rules of the security group.	sg-uf66jeqopgqa9hdn****
VSwitchId	string	No	The ID of the vSwitch to which the instance is connected. You can specify up to 10 vSwitch IDs at a time, separated by commas (,), for example, `vsw-*,vsw-`. If no vSwitch is specified, the system automatically uses the default vSwitch in the default VPC of the region that you selected. If you do not have a default VPC and a default vSwitch in the region, the system creates a default VPC and a default vSwitch. Note* The number of IP addresses in the vSwitch CIDR block determines the maximum number of ECI instances that can be created in the vSwitch. Plan the CIDR block in advance.	vsw-bp1xpiowfm5vo8o3c**,vsw-bp1rkyjgr1xwoho6k**
ContainerGroupName	string	Yes	The name of the ECI instance (container group). Format requirements: The name must be 2 to 128 characters in length. The name can contain lowercase letters, digits, and hyphens (-). It cannot start or end with a hyphen.	nginx-test
RestartPolicy	string	No	The restart policy of the instance. Valid values: Always: always restart. Never: never restart. OnFailure: restart upon failure. Default value: Always.	Always
EipInstanceId	string	No	The ID of the elastic IP address (EIP).	eip-uf66jeqopgqa9hdn****
Cpu	number	No	The instance-level vCPU size. Unit: cores.	1.0
Memory	number	No	The instance-level memory size. Unit: GiB.	2.0
ResourceGroupId	string	No	The resource group ID.	rg-uf66jeqopgqa9hdn****
DnsPolicy	string	No	The DNS policy. Valid values: None: uses the DNS configured by the DnsConfig field. Default: inherits the DNS settings of the runtime environment.	Default
ClientToken	string	No	The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must make sure that the value is unique among different requests. The token can only contain ASCII characters and cannot exceed 64 characters in length. For more information, see How to ensure idempotence.	123e4567-xxxx-12d3-xxxx-426655440000
InstanceType	string	No	The specified ECS instance type. Multiple instance types are supported. For more information, see Create an instance by specifying an ECS instance type.	ecs.c5.xlarge
ImageSnapshotId	string	No	The image cache ID. For more information, see Use image caches to accelerate instance creation.	imc-2zebxkiifuyzzlhl****
RamRoleName	string	No	The name of the instance RAM role. ECI and ECS share instance RAM roles. For more information, see Use an instance RAM role by calling API operations.	RamTestRole
TerminationGracePeriodSeconds	integer	No	The buffer period for the program to handle operations before shutdown. Unit: seconds.	60
AutoMatchImageCache	boolean	No	Specifies whether to automatically match image caches. Default value: false.	false
Ipv6AddressCount	integer	No	The number of IPv6 addresses. The value is fixed at 1, meaning an ECI instance supports binding one IPv6 address.	1
ActiveDeadlineSeconds	integer	No	The validity period of the ECI instance. The instance is forcibly terminated after this period expires. Unit: seconds.	1000
SpotStrategy	string	No	The bidding strategy for the instance. Valid values: NoSpot: a pay-as-you-go instance. SpotWithPriceLimit: a preemptible instance with a maximum price limit. SpotAsPriceGo: a preemptible instance that is billed based on the actual market price. Default value: NoSpot.	SpotWithPriceLimit
SpotPriceLimit	number	No	The maximum hourly price of the preemptible instance. The value can be accurate to three decimal places. This parameter is required when SpotStrategy is set to SpotWithPriceLimit.	0.025
ScheduleStrategy	string	No	The scheduling strategy for the ECI instance when multiple zones are configured (by specifying multiple vSwitches via the VSwitchId parameter). Valid values: VSwitchOrdered: scheduled in order. VSwitchRandom: optimally scheduled by Alibaba Cloud. For more information, see Create instances across multiple zones.	VSwitchOrdered
CorePattern	string	No	Custom directory for saving core dump files generated by coredump. For more information, see Save core files to a data volume. Note The configured path cannot start with `\|`, which means you cannot configure executable programs through core dump.	/xx/xx/core
ShareProcessNamespace	boolean	No	Specifies whether to use a shared namespace. Default value: false.	false
AutoCreateEip	boolean	No	Specifies whether to automatically create an EIP and bind it to the ECI instance.	true
EipBandwidth	integer	No	The bandwidth of the EIP. Default value: 5 Mbps. This parameter can be set when AutoCreateEip is set to true.	5
EipISP	string	No	The line type of the EIP. Valid values: BGP (default): BGP (multi-ISP) line. BGP_PRO: BGP (multi-ISP) premium line.	BGP
EipCommonBandwidthPackage	string	No	The ID of an existing shared bandwidth package to associate.	cbwp-2zeukbj916scmj51m****
HostName	string	No	The host name.	test
IngressBandwidth	integer	No	The inbound bandwidth limit. Unit: Bps.	1024000
EgressBandwidth	integer	No	The outbound bandwidth limit. Unit: Bps.	1024000
CpuOptionsCore	integer	No	The number of physical CPU cores. Only some instance types support custom settings.	2
CpuOptionsThreadsPerCore	integer	No	The number of threads per core. Only some instance types support custom settings. Setting this to 1 disables hyper-threading.	2
CpuOptionsNuma	string	No	This parameter is not supported.	1
EphemeralStorage	integer	No	The size of the additional temporary storage space. Unit: GiB. For more information, see Customize the size of temporary storage.	20
Tag	array<object>	No	The list of tags. A maximum of 20 tags can be bound. For more information, see Use tags to manage instances.
	object	No	The list of tags. A maximum of 20 tags can be bound. For more information, see Use tags to manage instances.
Key	string	No	The tag key. This value cannot be an empty string and cannot be duplicate. The tag key can be up to 64 characters in length and cannot start with `aliyun` or `acs:`, and cannot contain `http://` or `https://`.	version
Value	string	No	The tag value. This value can be an empty string. The tag value can be up to 128 characters in length and cannot start with `acs:`, and cannot contain `http://` or `https://`.	3
ImageRegistryCredential	array<object>	No	The image repository credentials.
	object	No	The image repository credentials.
Password	string	No	The password of the image repository.	yourpassword
Server	string	No	The address of the image repository registry.	registry-vpc.cn-shanghai.aliyuncs.com
UserName	string	No	The username of the image repository.	yourusername
Container	array<object>	Yes	The container information.
	array<object>	No	The container information.
ReadinessProbe.TimeoutSeconds	integer	No	The timeout period for the check. Default value: 1 second. Minimum value: 1 second.	1
ReadinessProbe.SuccessThreshold	integer	No	The minimum number of consecutive successes required to consider the check successful after a failure. Default value: 1. Must be 1.	1
SecurityContext.Capability.Add	array	No	The permissions granted to processes in the container. Currently, only NET_ADMIN and NET_RAW are supported. Note NET_RAW is not supported by default and requires a ticket submission.
	string	No	The permissions granted to processes in the container. Currently, only NET_ADMIN and NET_RAW are supported. Note NET_RAW is not supported by default and requires a ticket submission.	NET_ADMIN
ReadinessProbe.TcpSocket.Port	integer	No	The port for TCP Socket health checks. Note When setting ReadinessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.	8000
ReadinessProbe.HttpGet.Scheme	string	No	The protocol type for HTTP request health checks. Valid values: HTTP HTTPS Note When setting ReadinessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.	HTTP
LivenessProbe.PeriodSeconds	integer	No	The interval at which the check is performed. Default value: 10 seconds. Minimum value: 1 second.	5
SecurityContext.ReadOnlyRootFilesystem	boolean	No	Specifies whether the root file system of the container is read-only. Currently, only true is supported.	true
EnvironmentVar	array<object>	No	The environment variables of the container.
	object	No	The environment variables of the container.
Key	string	No	The name of the environment variable. The name must be 1 to 128 characters in length. Format: `[0-9a-zA-Z]` and underscores. It cannot start with a digit.	PATH
Value	string	No	The value of the environment variable. The value must be 0 to 256 characters in length.	/usr/local/bin
FieldRef.FieldPath	string	No	The reference for the environment variable value. Currently, only status.podIP is supported.	status.podIP
LivenessProbe.TcpSocket.Port	integer	No	The port for TCP Socket health checks. Note When setting LivenessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.	8080
Tty	boolean	No	Specifies whether to enable interaction. Default value: false. When Command is /bin/bash, this must be set to true.	false
WorkingDir	string	No	The working directory of the container.	/usr/local/
Arg	array	No	The arguments for the container startup command. Maximum: 10.	100
	string	No	The arguments for the container startup command. Maximum: 10.	100
Stdin	boolean	No	Specifies whether this container should allocate a buffer for standard input in the container runtime. If not set, reads from standard input in the container will result in EOF. Default value: false.	false
LivenessProbe.InitialDelaySeconds	integer	No	The time to start the check, calculated from when the container finishes starting.	5
VolumeMount	array<object>	No	The volume mount information.
	object	No	The volume mount information.
MountPropagation	string	No	The mount propagation setting for the volume. Mount propagation allows volumes mounted by a container to be shared with other containers in the same pod or even with other pods on the same node. Valid values: None: the volume does not sense any subsequent mount operations on this volume or its subdirectories. HostToContainer: the volume senses subsequent mount operations on this volume or its subdirectories. Bidirectional: similar to HostToContainer, senses mount operations. Additionally, the volume is propagated back to the host and all containers in all pods that use the same volume. Default value: None	None
MountPath	string	No	The directory where the container mounts the volume. Note The contents under the container mount directory will be directly overwritten by the volume contents. Use with caution.	/pod/data
ReadOnly	boolean	No	Specifies whether the volume is read-only. Default value: false.	false
SubPath	string	No	The sub-path of the volume.	data2/
Name	string	No	The name of the volume. Same as the Name in Volume.	default-volume1
ImagePullPolicy	string	No	The image pull policy. Valid values: Always: always pull. Pulls the image every time. IfNotPresent: pull on demand. Uses the local image first. Pulls the image if no local image is available. Never: never pull. Uses the local image only.	Always
StdinOnce	boolean	No	Specifies whether the standard input stream remains open across multiple attach sessions when standard input is set to true. If StdinOnce is set to true, standard input is opened when the container starts, remains empty until the first client attaches to standard input, then stays open and accepts data until the client disconnects. Standard input is then closed and remains closed until the container restarts.	false
LifecyclePreStopHandlerTcpSocketPort	integer	No	The TCP Socket port for the preStop callback function when using the TCPSocket method.	90
LifecyclePostStartHandlerHttpGetScheme	string	No	The protocol type for the HTTP Get request when using the HTTP request method to set the postStart callback function. Valid values: HTTP HTTPS	HTTPS
ReadinessProbe.PeriodSeconds	integer	No	The interval at which the check is performed. Default value: 10 seconds. Minimum value: 1 second.	3
LivenessProbe.SuccessThreshold	integer	No	The minimum number of consecutive successes required to consider the check successful after a failure. Default value: 1. Must be 1.	1
Command	array	No	The container startup commands. Maximum: 20. Each command can contain up to 256 characters.	sleep
	string	No	The container startup commands. Maximum: 20. Each command can contain up to 256 characters.	sleep
LifecyclePostStartHandlerHttpGetHost	string	No	The host address that receives the HTTP Get request when using the HTTP request method to set the postStart callback function.	10.0.XX.XX
TerminationMessagePolicy	string	No	The message notification policy. Default value: empty. Currently, only lightweight message queue notification is supported.	FallbackToLogsOnError
ReadinessProbe.HttpGet.Path	string	No	The path for HTTP Get request health checks. Note When setting ReadinessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.	/healthz
LivenessProbe.Exec.Command	array	No	The commands executed in the container for command-based health checks. Note When setting LivenessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.
	string	No	The commands executed in the container for command-based health checks.	cat /tmp/healthy
LifecyclePostStartHandlerTcpSocketPort	integer	No	The TCP Socket port for the postStart callback function when using the TCPSocket method.	80
LifecyclePostStartHandlerHttpGetPath	string	No	The HTTP Get request path when using the HTTP request method to set the postStart callback function.	/healthyz
LifecyclePostStartHandlerExec	array	No	The commands executed in the container when using the command method to set the postStart callback function.	["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
	string	No	The commands executed in the container when using the command method to set the postStart callback function.	["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
LifecyclePreStopHandlerHttpGetPath	string	No	The HTTP Get request path when using the HTTP request method to set the preStop callback function.	/healthyz
Port	array<object>	No	The port numbers.
	object	No	The port numbers.
Protocol	string	No	The protocol type. Valid values: TCP UDP	TCP
Port	integer	No	The port number. Valid values: 1 to 65535.	80
TerminationMessagePath	string	No	The path for the container error message.	/tmp/termination-log
LifecyclePreStopHandlerHttpGetScheme	string	No	The protocol type for the HTTP Get request when using the HTTP request method to set the preStop callback function. Valid values: HTTP HTTPS	HTTP
LivenessProbe.HttpGet.Scheme	string	No	The protocol type for HTTP request health checks. Valid values: HTTP HTTPS Note When setting LivenessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.	HTTP
ReadinessProbe.HttpGet.Port	integer	No	The port number for HTTP Get request health checks. Note When setting ReadinessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.	8080
LifecyclePostStartHandlerTcpSocketHost	string	No	The host address for TCP Socket detection when using the TCP Socket method to set the postStart callback function.	10.0.XX.XX
Gpu	integer	No	The number of GPUs assigned to the container.	1
ReadinessProbe.InitialDelaySeconds	integer	No	The time to start the check, calculated from when the container finishes starting.	3
LifecyclePreStopHandlerExec	array	No	The commands executed in the container when using the command method to set the preStop callback function.	["/bin/sh", "-c","echo Hello from the preStop handler > /usr/share/message"]
	string	No	The commands executed in the container when using the command method to set the preStop callback function.	["/bin/sh", "-c","echo Hello from the preStop handler > /usr/share/message"]
Memory	number	No	The memory size of the container. Unit: GiB.	0.5
Name	string	Yes	The container name.	nginx
LifecyclePreStopHandlerHttpGetHost	string	No	The host address that receives the HTTP Get request when using the HTTP request method to set the preStop callback function.	10.0.XX.XX
LifecyclePreStopHandlerTcpSocketHost	string	No	The host address for TCP Socket detection when using the TCP Socket method to set the preStop callback function.	10.0.XX.XX
Image	string	Yes	The container image.	registry-vpc.cn-hangzhou.aliyuncs.com/eci_open/nginx:latest
LifecyclePreStopHandlerHttpGetPort	integer	No	The HTTP Get request port number when using the HTTP request method to set the preStop callback function.	88
LivenessProbe.FailureThreshold	integer	No	The minimum number of consecutive failures required to consider the check failed after a success. Default value: 3.	3
ReadinessProbe.Exec.Command	array	No	The commands executed in the container for command-based health checks. Note When setting ReadinessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.
	string	No	The commands executed in the container for command-based health checks.	cat /tmp/healthy
LifecyclePreStopHandlerHttpGetHttpHeader	array<object>	No	The HTTP request header parameters.
	object	No	The HTTP request header parameters.
Value	string	No	The custom field value in the HTTP Get request header when using the HTTP request method to set the preStop callback function.	test-preStop
Name	string	No	The custom field name in the HTTP Get request header when using the HTTP request method to set the preStop callback function.	Xiao-Custom-Header
ReadinessProbe.FailureThreshold	integer	No	The minimum number of consecutive failures required to consider the check failed after a success. Default value: 3.	3
Cpu	number	No	The vCPU size of the container. Unit: cores.	0.25
LivenessProbe.HttpGet.Port	integer	No	The port number for HTTP Get request health checks. Note When setting LivenessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.	8888
LivenessProbe.HttpGet.Path	string	No	The path for HTTP Get request health checks. Note When setting LivenessProbe parameters, only one of the three check methods (HttpGet, Exec, and TcpSocket) can be selected.	/healthz
LivenessProbe.TimeoutSeconds	integer	No	The timeout period for the check. Default value: 1 second. Minimum value: 1 second.	1
SecurityContext.RunAsUser	integer	No	The user ID used to run the container.	1000
LifecyclePostStartHandlerHttpGetPort	integer	No	The HTTP Get request port number when using the HTTP request method to set the postStart callback function.	5050
LifecyclePostStartHandlerHttpGetHttpHeader	array<object>	No	The HTTP request header parameters.
	object	No	The HTTP request header parameters.
Value	string	No	The custom field value in the HTTP Get request header when using the HTTP request method to set the postStart callback function.	test-postStart
Name	string	No	The custom field name in the HTTP Get request header when using the HTTP request method to set the postStart callback function.	Xiao-Custom-Header
EnvironmentVarHide	boolean	No	Specifies whether to hide environment variable information when querying ECI instance details. Valid values: false (default): environment variable information is returned when querying ECI instance details. true: environment variable information is not returned when querying ECI instance details. Setting this to true improves security when environment variables contain sensitive information.	false
SecurityContextRunAsGroup	integer	No	The user group ID used to run the container.	3000
SecurityContextRunAsNonRoot	boolean	No	Specifies whether to run the container in non-root mode. Valid values: true: non-root mode. false (default): root mode.	true
SecurityContextPrivileged	boolean	No	Specifies whether to enable privilege mode for the container. Valid values: true: enable privilege mode. false (default): disable privilege mode. Note The privileged container feature is in beta. To use it, submit a ticket.	true
Volume	array<object>	No	The volume information.
	array<object>	No	The volume information.
Type	string	No	The volume type. Valid values: EmptyDirVolume: an EmptyDir volume, which represents an empty directory. NFSVolume: an NFS volume, which represents a Network File System. ConfigFileVolume: a ConfigFile volume, which represents a configuration file. FlexVolume: uses the FlexVolume plugin to extend storage types. Supports mounting cloud disks. HostPathVolume: a HostPath volume, which represents a file or directory on the host node. This type is available only to allowlisted users. DiskVolume (not recommended): a cloud disk volume. We recommend that you use FlexVolume to mount cloud disks.	ConfigFileVolume
DiskVolume.DiskSize	integer	No	The size of the DiskVolume. Unit: GiB.	15
NFSVolume.Path	string	No	The NFS volume path.	/share
DiskVolume.FsType	string	No	The file system type of the DiskVolume.	xfs
FlexVolume.FsType	string	No	The file system type to mount. Default value depends on the FlexVolume script.	ext4
HostPathVolume.Type	string	No	The type of the HostPath volume. Valid values: Directory: a directory. File: a file. Note HostPath volumes are available only to allowlisted users.	Directory
ConfigFileVolume.DefaultMode	integer	No	The default permissions of the ConfigFileVolume.	0644
NFSVolume.ReadOnly	boolean	No	Specifies whether the NFS volume is read-only. Default value: false.	false
ConfigFileVolume.ConfigFileToPath	array<object>	No	The ConfigFile volume information. If multiple ConfigFileToPath entries are configured, the total length of all corresponding Content values cannot exceed 60 KB.
	object	No	The ConfigFile volume information.
Path	string	No	The relative file path of the configuration file relative to the mount directory.	test/config-test.cnf
Mode	integer	No	The permissions of the configuration file. If not set, the value of ConfigFileVolume.DefaultMode is used. Represented as a four-digit octal number. For example, 0644 means the permissions are rw-r--r--, where the user permission is rw-, the group permission is r--, and the other permission is r--. Permission descriptions: `---`: no permissions, octal value 0. `--x`: execute only, octal value 1. `-w-`: write only, octal value 2. `-wx`: write and execute, octal value 3. `r--`: read only, octal value 4. `r-x`: read and execute, octal value 5. `rw-`: read and write, octal value 6. `rwx`: read, write, and execute, octal value 7.	0644
Content	string	No	The content of the configuration file, which must be Base64-encoded. A single configuration file cannot exceed 32 KB.	bGl1bWk=
HostPathVolume.Path	string	No	The directory path of the HostPath volume on the host.	/pod/data
FlexVolume.Options	string	No	The FlexVolume option list. This is in key-value format and passed as JSON. For example, when mounting a cloud disk via FlexVolume, Options represents the cloud disk configuration parameters. The configurable parameters are as follows: volumeId: the ID of an existing cloud disk. volumeSize: the size of the cloud disk. Unit: GiB. Valid values: 20 to 32768. performanceLevel: the performance level of the cloud disk. For more information, see Cloud disk performance levels. deleteWithInstance: specifies whether to release the disk with the instance. Default value: false. encrypted: specifies whether to encrypt the cloud disk. Default value: false. For more information, see Encryption overview. kmsKeyId: the KMS key ID used for cloud disk encryption.	{"volumeId":"d-2zehdahrwoa7srg****","performanceLevel": "PL2"}
FlexVolume.Driver	string	No	The driver type when using the FlexVolume plugin to mount volumes. Valid values: alicloud/disk: mount a cloud disk. alicloud/nas: mount NAS. alicloud/oss: mount OSS.	alicloud/disk
NFSVolume.Server	string	No	The NFS server address.	3f9cd4a596-naw76.cn-shanghai.nas.aliyuncs.com
DiskVolume.DiskId	string	No	The ID of the DiskVolume.	d-xx
Name	string	No	The volume name.	default-volume1
EmptyDirVolume.Medium	string	No	The storage medium for the EmptyDirVolume. Default value: empty, which uses the node file system. The value memory is supported, indicating the use of memory.	memory
EmptyDirVolume.SizeLimit	string	No	The size of the EmptyDirVolume. Unit: GiB.	2
InitContainer	array<object>	No	The list of init containers.
	array<object>	No	The list of init containers.
SecurityContext.Capability.Add	array	No	The permissions granted to processes in the container. Currently, only NET_ADMIN and NET_RAW are supported. Note NET_RAW is not supported by default and requires a ticket submission.
	string	No	The permissions granted to processes in the container. Currently, only NET_ADMIN and NET_RAW are supported. Note NET_RAW is not supported by default and requires a ticket submission.	NET_ADMIN
Image	string	No	The image used by the container.	nginx
VolumeMount	array<object>	No	The list of volume mount information.
	object	No	The list of volume mount information.
MountPropagation	string	No	The mount propagation setting for the volume. Mount propagation allows volumes mounted by a container to be shared with other containers in the same pod or even with other pods on the same node. Valid values: None: the volume does not sense any subsequent mount operations on this volume or its subdirectories. HostToContainer: the volume senses subsequent mount operations on this volume or its subdirectories. Bidirectional: similar to HostToContainer, senses mount operations. Additionally, the volume is propagated back to the host and all containers in all pods that use the same volume. Default value: None	None
MountPath	string	No	The mount directory. The contents under the container mount directory will be directly overwritten by the volume contents. Use with caution.	/usr/share/
ReadOnly	boolean	No	Specifies whether the mount path is read-only. Default value: false.	false
SubPath	string	No	The sub-directory of the volume, allowing the pod to mount different directories from the same volume to different container directories.	/usr/sub/
Name	string	No	The name of the volume to mount.	test-empty
Port	array<object>	No	The init container port numbers.
	object	No	The init container port numbers.
Protocol	string	No	The protocol type. Valid values: TCP UDP	TCP
Port	integer	No	The port number. Valid values: 1 to 65535.	8888
SecurityContext.ReadOnlyRootFilesystem	boolean	No	Specifies whether the root file system of the container is read-only. Currently, only true is supported.	true
TerminationMessagePath	string	No	The source of the container exit message. When the container exits, the termination message is retrieved from the specified termination message file.	/tmp/termination-log
EnvironmentVar	array<object>	No	The list of container environment variables.
	object	No	The list of container environment variables.
Key	string	No	The name of the environment variable. The name must be 1 to 128 characters in length. Format: `[0-9a-zA-Z]` and underscores. It cannot start with a digit.	Path
Value	string	No	The value of the environment variable. The value must be 0 to 256 characters in length.	/usr/bin/
FieldRef.FieldPath	string	No	The reference for the environment variable value. Currently, only status.podIP is supported.	status.podIP
ImagePullPolicy	string	No	The image pull policy. Valid values: Always: always pull. Pulls the image every time. IfNotPresent: pull on demand. Uses the local image first. Pulls the image if no local image is available. Never: never pull. Uses the local image only.	Always
WorkingDir	string	No	The working directory.	/usr/local
Cpu	number	No	The vCPU size of the container. Unit: cores.	0.5
Arg	array	No	The container startup arguments.	10
	string	No	The container startup arguments.	10
Command	array	No	The container startup commands.	sleep
	string	No	The container startup commands.	sleep
Gpu	integer	No	The number of GPUs assigned to the container.	1
SecurityContext.RunAsUser	integer	No	The user ID used to run the container.	587
Memory	number	No	The memory size of the container. Unit: GiB.	1.0
TerminationMessagePolicy	string	No	The mount information. Default value: empty.	*****
Name	string	No	The container name.	test-init
DnsConfig.NameServer	array	No	The list of IP addresses of DNS servers.	172.10..*
	string	No	The list of IP addresses of DNS servers.	172.10..*
DnsConfig.Search	array	No	The list of DNS search domains.	svc.local.kubenetes
	string	No	The list of DNS search domains.	svc.local.kubernetes
DnsConfig.Option	array<object>	No	The list of options.
	object	No	The list of options.
Value	string	No	The value of the option.	value
Name	string	No	The name of the option.	name
HostAliase	array<object>	No	The host aliases for the ECI instance.
	object	No	The host aliases for the ECI instance.
Ip	string	No	The IP address to add.	1.1.1.1
Hostname	array	No	The host names to add.	hehe.com
	string	No	The host names to add.	hehe.com
SecurityContext.Sysctl	array<object>	No	Modifies safe sysctl parameters through the security context. For more information, see Configure Security Context.
	object	No	Modifies safe sysctl parameters through the security context. For more information, see Configure Security Context.
Value	string	No	The value of the safe sysctl parameter when modifying sysctl parameters through the security context.	65536
Name	string	No	The name of the safe sysctl parameter when modifying sysctl parameters through the security context. Valid values: net.ipv4.ping_group_range net.ipv4.ip_unprivileged_port_start	net.ipv4.ping_group_range
HostSecurityContext.Sysctl	array<object>	No	Modifies unsafe sysctl parameters through the security context. For more information, see Configure Security Context.
	object	No	Modifies unsafe sysctl parameters through the security context. For more information, see Configure Security Context.
Value	string	No	The value of the unsafe sysctl parameter when modifying sysctl parameters through the security context.	65536
Name	string	No	The name of the unsafe sysctl parameter when modifying sysctl parameters through the security context. Valid values: kernel.shm* (except kernel.shm_rmid_forced) kernel.msg* kernel.sem fs.mqueue.* net.* (except net.ipv4.tcp_syncookies, net.ipv4.ping_group_range, and net.ipv4.ip_unprivileged_port_start)	kernel.msgmax
NtpServer	array	No	The NTP servers.	ntp.cloud.aliyuncs.com
	string	No	The NTP servers.	ntp.cloud.aliyuncs.com
AcrRegistryInfo	array<object>	No	The list of ACR Enterprise Edition instance information. For more information, see Pull images from ACR without a password.
	object	No	The list of ACR Enterprise Edition instance information.
Domain	array	No	The domains of the ACR Enterprise Edition instance. By default, all domains of the instance are used. You can specify individual domains, separated by commas.	***-**-registry.cn-beijing.cr.aliyuncs.com
	string	No	The domains of the ACR Enterprise Edition instance. By default, all domains of the instance are used. You can specify individual domains, separated by commas.	***-**-registry.cn-beijing.cr.aliyuncs.com
InstanceName	string	No	The name of the ACR Enterprise Edition instance.	acr-test
InstanceId	string	No	The ID of the ACR Enterprise Edition instance.	cri-nwj395hgf6f3****
RegionId	string	No	The region of the ACR Enterprise Edition instance.	cn-beijing
ArnService	string	No	The ARN of the RAM role under the account that owns the ECI instance and other resources.	acs:ram::1609982529******:role/role-assume
ArnUser	string	No	The ARN of the RAM role under the account that owns the ACR instance.	acs:ram::1298452580******:role/role-acr
SpotDuration	integer	No	The protection period of the preemptible instance. Unit: hours. Default value: 1. Set this to 0 for no protection period.	1
StrictSpot	boolean	No	Specifies whether to execute periodically: true: execute periodically. false: do not execute periodically.	true
PlainHttpRegistry	string	No	The address of a self-managed image repository. When creating ECI instances using images from a self-managed image repository that uses the HTTP protocol, configure this parameter so that ECI uses the HTTP protocol to pull images, avoiding image pull failures caused by protocol mismatch.	"harbor*.pre.com,192.168.XX.XX:5000,reg*.test.com:80"
InsecureRegistry	string	No	The address of a self-managed image repository. When creating ECI instances using images from a self-managed image repository that uses self-signed certificates, configure this parameter to skip certificate verification, avoiding image pull failures caused by certificate verification failure.	"harbor*.pre.com,192.168.XX.XX:5000,reg*.test.com:80"
ImageAccelerateMode	string	No	The image acceleration mode. Valid values: nydus: uses Nydus acceleration. The image must support it. dadi: uses DADI acceleration. The image must support it. p2p: uses P2P acceleration. The image must support it. imc: uses image cache acceleration.	imc
Ipv6GatewayBandwidthEnable	boolean	No	Specifies whether to enable IPv6 public network communication for the ECI instance.	true
Ipv6GatewayBandwidth	string	No	When Ipv6GatewayBandwidthEnable is set to true, specifies the peak public bandwidth for the IPv6 address. Valid values: When the IPv6 gateway uses pay-by-fixed-bandwidth billing, the IPv6 public bandwidth range is 1 to 2000 Mbps. When the IPv6 gateway uses pay-by-traffic billing, the IPv6 public bandwidth range depends on the gateway specification: Free edition: 1 to 200 Mbps. Enterprise edition: 1 to 500 Mbps. Enhanced enterprise edition: 1 to 1000 Mbps. Default value: the maximum value within the corresponding bandwidth range of the gateway.	100
ContainerResourceView	boolean	No	When the ECI specification is larger than the requested specification, you can enable this setting to ensure that the resources visible inside the container are consistent with the requested resources.	false
FixedIp	string	No	Set to true to enable fixed IP addresses for the instance. For details, see Configure ECI instances to use fixed IP addresses.	true
FixedIpRetainHour	integer	No	The retention period of the fixed IP address after it becomes idle, i.e., the retention period after the instance with the fixed IP address is released. Unit: hours. Default value: 48.	24
DataCacheBucket	string	No	The data cache bucket.	default
DataCachePL	string	No	The performance level of the cloud disk used by the data cache. ESSDs are used preferentially, and the default performance level is PL1.	PL1
DataCacheProvisionedIops	integer	No	The provisioned read/write IOPS when the data cache uses ESSD AutoPL cloud disks. Valid values: 0 to min{50000, 1000 * capacity - baseline performance}. Baseline performance = min{1800 + 50 * capacity, 50000}. For more information, see ESSD AutoPL cloud disks.	40000
DataCacheBurstingEnabled	boolean	No	Specifies whether to enable burst performance when the data cache uses ESSD AutoPL cloud disks. For more information, see ESSD AutoPL cloud disks.	false
DryRun	boolean	No	Specifies whether to perform a dry run. Valid values: true: performs a dry run without creating an ECI instance. The system checks required parameters, request format, service limits, and inventory. If the check fails, the corresponding error is returned. If the check passes, the error code DryRun.Success is returned. false (default): sends a normal request. After the check passes, the ECI instance is created.	false
PrivateIpAddress	string	No	The private IP address of the ECI instance. Currently, only IPv4 addresses are supported. Make sure that the IP address is not already in use.	172.16.0.1
OsType	string	No	The operating system of the ECI instance. Valid values: Linux (default) Windows Note Windows instances are in beta. To use them, submit a ticket.	Windows
CpuArchitecture	string	No	The CPU architecture of the ECI instance. Valid values: AMD64 (default) ARM64	ARM64
ComputeCategory	array	No	The compute categories. For more information, see Create instances by specifying compute categories.
	string	No	The compute categories. Valid values: economy: economy type. general: general-purpose type. Multiple compute categories are supported. The system creates instances in the specified order.	economy
GpuDriverVersion	string	No	The GPU driver version. Note Only some instance types support switching GPU driver versions. For more information, see Create instances by specifying GPU specifications.	tesla=535
MaxPendingMinute	integer	No

Response elements

Element	Type	Description	Example
	object
RequestId	string	The request ID, which is a unique identifier.	89945DD3-9072-47D0-A318-353284CFC7B3
ContainerGroupId	string	The instance ID, which is also the container group ID.	eci-uf6fonnghi50u374****

Examples

Success response

JSON format

{
  "RequestId": "89945DD3-9072-47D0-A318-353284CFC7B3",
  "ContainerGroupId": "eci-uf6fonnghi50u374****"
}

Error codes

HTTP status code	Error code	Error message	Description
400	Account.Arrearage	Your account has an outstanding payment.	Your account has an outstanding payment.
400	DryRunOperation	Request validation has been passed with DryRun flag set.	Request validation has been passed with DryRun flag set.
400	InvalidParameter.CPU.Memory	The specified cpu and memory are not allowed
400	InvalidParameter.DuplicatedName	The container group include containers with duplicate names.
400	InvalidParameter.DuplicatedVolumeName	The container group includes volumes with duplicate names.	The container group includes volumes with duplicate names.
400	IncorrectStatus	%s
400	ServiceNotEnabled	%s	The service on which this request depends has not been activated. Please activate and try again.
400	ImageSnapshot.IncorrectStatus	%s	The status of the specified snapshot is invalid.
400	ImageSnapshot.NotSupport	%s	Image caching based on data disk snapshots is not available for all users. If you want to enable this function, contact us.
400	DiskVolume.NotSupport	The disk volume is not supported.	Disk volume does not support your structure. If you want to enable this function, contact us.
400	RamRole.NotSupport	The RAM role is not supported.	The RAM role is not supported.
400	DiskNumber.LimitExceed	The maximum number of disks in an instance is exceeded.	The maximum number of disks in an instance is exceeded.
400	InvalidPaymentMethod.InsufficientBalance	No payment method is specified for your account. We recommend that you add a payment method or add funds to the prepayment balance.	No payment method is specified for your account. We recommend that you add a payment method or add funds to the prepayment balance.
400	DiskVolume.NotInSameZone	The instance to be created and the disk are not in the same zone.	The instance to be created and the disk are not in the same zone.
400	NoPermission	You are not authorized to use the "Product on ECI" feature.
400	HighCpuMemConfigRequired	You need to apply to be added to the whitelist of the specified CPU and memory.	You need to apply to be added to the whitelist of the specified CPU and memory.
400	RecommendEmpty.InstanceTypeFamilyNotMatched	The recommended instance type is unavailable in the current zone. Try again later.
400	LocalDiskAmountNotMatch	The number of local volumes does not match the instance type.
400	Payfor.CreditPayInsufficientBalance	Your payment credit line is insufficient.	Your payment credit line is insufficient.
400	InvalidOperation.KMS.InstanceTypeNotSupport	The specified instance is invalid. Only I/O optimized instances support KMS key.	The specified instance is invalid. Only I/O optimized instances support KMS key.
400	InvalidParameter.Encrypted.KmsNotEnabled	KMS must be enabled for encrypted disks.
400	InvalidParameter.KMS.EncryptedIllegal	After configuring the parameter KmsKeyId, you must enable encryption.	After configuring the parameter KmsKeyId, you must enable encryption.
400	InvalidSpotCpuMemorySpec	The specified CPU and memory are not allowed. You must create spot ECI using standard ECS specifications for CPU and memory.
400	Ipv6AddressNotSupportVsw	IPv6 is not supported in the specified vSwitch.
400	Ipv6AddressNotSupport	Ipv6 is not supported in specified region.
400	Ipv6AddressNotSupportInstanceType	IPv6 is not supported for the specified instance type.
400	EipPayInsufficientBalance	Your account does not have enough balance to purchase eip.
400	EipPurchaseFlowControl	Request was denied due to eip frequent purchase.
400	Throttling	You have made too many requests within a short time; your request is denied due to request throttling
400	JobInstanceBatchCreateNotSupport	ECI job instance not support batch create
400	JobInstanceDiskNotSupport	ECI job instance not support disk volume
400	JobInstanceEipNotSupport	ECI job instance not support eip
400	JobInstanceFeatureNotMatch	ECI job instance feature not match
400	JobInstanceImageCacheNotSupport	ECI job instance not support image cache
400	JobInstanceIPv6NotSupport	ECI job instance not support IPv6
400	JobInstanceRamRoleNotSupport	ECI job instance not support ram role
400	JobInstanceRegionNotSupport	ECI job instance not support in this region
400	JobInstanceSpotNotSupport	ECI job instance not support spot
400	InvalidInstanceTypeForEciSpotDurationBuy	Current instance type does not support spot duration instance.
400	InvalidInstanceTypeForEciBuy	Sales of this current instance type is not supported in eci.
400	InstanceTypeNotMatchCpuArch	%s.
400	JobInstanceEcsInstanceTypeNotSupport	Job-optimized elastic container instances cannot be created by specifying ECS instance types.
400	PrivatePoolInstanceSpotNotSupport	Spot is not supported for PrivatePool.
400	DryRun.Success	This request is a dryrun request with successful result.
400	PrivateIpAddress.Already.InUse	The specific PrivateIpAddress already in use.
400	IncorrectOperation	%s	You cannot perform this operation on the specified resource.
400	FeatureBasedConstraintConflict	A conflict occurs in specified feature constraints: [%s].	A conflict occurs in specified feature constraints
400	OperationFailed.RiskControl	%s.	We have detected that your account has security risks. Please contact customer service personnel for details.
400	RISK.RISK_CONTROL_REJECTION	To protect the security of your account, your request has been denied by the risk control system. Please contact Alibaba Cloud Customer Service for details.	In order to protect the security of your account, your request was rejected by the wind control system. Please contact customer service for details.
400	InvalidInstanceTypeForRaid	%s.	The current specification does not support Raid.
400	RegionDissolved	%s.
400	MultiAttachedCloudDiskNotSupport	%s.	You cannot mount a cloud disk with the multi-mount function enabled (that is, an NVMe shared disk).
403	OperationDenied.VswZoneMisMatch	The specified VSwitchId is not in the specified Zone.
403	QuotaExceeded	%s quota exceeded.
403	Zone.NotOnSale	The specified zone is not available for purchase.
403	Forbidden.RiskControl	This operation has been identified as an abnormal operation and cannot be processed.
403	Forbidden.SubUser	The specified action is not available for you.
403	Forbidden.OnlyForInvitedTest	Eci create action is only open to invited users during public beta.
403	OperationDenied.SecurityGroupMisMatch	The specified VSwitchId and SecurityGroupId are not in the same VPC.
403	InvalidVSwitchId.IpNotEnough	The specified VSwitch does not have enough IP addresses.
403	Forbidden.UserBussinessStatus	This operation is not allowed, because you have overdue bills. Pay the overdue bill and try again.
403	Forbidden.UserNotRealNameAuthentication	This operation is not allowed, because you have not passed the real-name verification.
403	InvalidUser.PassRoleForbidden	The RAM user is not authorized to assume a RAM role.	The RAM user is not authorized to assume a RAM role.
403	NoPermission	The RAM role does not belong to ECS.
403	OperationDenied.NoStock	Sales of this resource are temporarily suspended in the specified zone. We recommend that you use the multi-zone creation function to avoid the risk of insufficient resource. For more information, see https://www.alibabacloud.com/help/document_detail/157290.html
403	InvalidParameter.KMS.KeyId.Forbidden	You are not authorized to access the specified KMSKeyId.	You are not authorized to access the specified KMSKeyId.
403	Forbidden.AccountClosed	The operation is forbidden. Your account has been closed.
403	InvalidOperation.ResourceManagedByCloudProduct	The operation is forbidden. The security group has been managed by another cloud product.
403	Spot.NotMatched	%s. We recommend that you use the create multi-zone function to avoid insufficient inventory. For more information, see https://www.alibabacloud.com/help/document_detail/157290.html
403	SecurityRisk.3DVerification	We have detected a security risk with your default credit or debit card. Please proceed with verification via the link in your email.
403	CreateServiceLinkedRole.Denied	Please make sure the account has ram:CreateServiceLinkedRole permission.	Please make sure the account has ram:CreateServiceLinkedRole permission.
403	Throttling.Vcpu.PerDay	The maximum number of request for the day has been exceeded.	The maximum number of request for the day has been exceeded.
403	FeatureAccessRestricted	Access to this feature:[%s] is restricted. Please contact Alibaba Cloud ECI support to request access.	Access to this feature is restricted. Please contact Alibaba Cloud ECI support to request access.
404	ImageSnapshot.NotFound	The specified snapshot does not exist.
404	InvalidDiskId.NotFound	The specified disk does not exist.
404	InvalidParameter.KMS.KeyId.NotFound	The specified KMSKeyId does not exist.	The specified KMSKeyId does not exist.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.