ALIYUN::CS::ManagedEdgeKubernetesCluster - Resource Orchestration Service

ALIYUN::CS::ManagedEdgeKubernetesCluster is used to create a managed edge cluster of Container Service for Kubernetes (ACK).

Syntax

{ 
  "Type": "ALIYUN::CS::ManagedEdgeKubernetesCluster",
  "Properties": {
    "NumOfNodes": Number,
    "Profile": String,
    "VpcId": String,
    "ServiceCidr": String,
    "Name": String,
    "Tags": List,
    "ProxyMode": String,
    "DisableRollback": Boolean,
    "SnatEntry": Boolean,
    "VSwitchIds": List,
    "LoginPassword": String,
    "WorkerSystemDiskSize": Number,
    "KeyPair": String,
    "Addons": List,
    "WorkerDataDiskCategory": String,
    "EndpointPublicAccess": Boolean,
    "WorkerDataDisk": Boolean,
    "WorkerSystemDiskCategory": String,
    "WorkerDataDiskSize": Integer,
    "TimeoutMins": Number,
    "ClusterSpec": String,
    "ContainerCidr": String,
    "CloudMonitorFlags": Boolean,
    "WorkerInstanceTypes": List,
    "IsEnterpriseSecurityGroup": Boolean,
    "AutoRenewPeriod": Number,
    "ChargeType": String,
    "AutoRenew": Boolean,
    "Period": Number,
    "NodeCidrMask": String,
    "PeriodUnit": String,
    "DeletionProtection": Boolean,
    "ZoneIds": List,
    "ResourceGroupId": String,
    "WorkerDataDisks": List
  }
}

Properties


Property	Type	Required	Editable	Description	Constraint
NumOfNodes	Number	Yes	No	The number of worker nodes.	Valid values: 0 to 300.
Profile	String	No	No	The identifier that indicates whether the cluster is an ACK edge cluster.	Default value: Edge.
VpcId	String	No	No	The ID of the virtual private cloud (VPC).	If you do not specify this property, the system creates a VPC whose CIDR block is 192.168.0.0/16. You must specify both the VpcId and VSwitchIds properties or leave both properties empty.
ServiceCidr	String	No	No	The CIDR block of the ACK service.	The CIDR block of the service cannot overlap with the CIDR block of the VPC or container. If you use the VPC that is automatically created by the system, the 172.19.0.0/20 CIDR block is automatically used.
Name	String	Yes	No	The name of the cluster.	The name must start with a letter or digit and can contain letters, digits, and hyphens (-).
Tags	List	No	Yes	The tags of the cluster.	You can specify up to 20 tags. For more information, see Tags properties.
Addons	List	No	No	The components that you want to install in the cluster.	You can use the following components: Network components The Flannel component and the Terway component are supported. You must select one of the preceding components when you create a cluster. If you use the Flannel component, specify the value in the `[{"Name":"flannel","Config":""}]` format. If you use the Terway component, specify the value in the `[{"Name": "terway-eniip","Config": ""}]` format. Storage components The Container Storage Interface (CSI) component and the FlexVolume component are supported. If you use the CSI component, specify the value in the `[{"Name":"csi-plugin","Config": ""},{"Name": "csi-provisioner","Config": ""}]` format. If you use the FlexVolume component, specify the value in the `[{"Name": "flexvolume","Config": ""}]` format. (Optional) Log Service components. You can use an existing Log Service project or create a Log Service project. Note To use the cluster auditing feature, you must activate Log Service. If you use an existing Log Service project, specify the value in the `[{"Name": "logtail-ds","Config": "{\"IngressDashboardEnabled\":\"true\",\"sls_project_name\":\"your_sls_project_name\"}"}]` format. If you create a Log Service project, specify the value in the `[{"Name": "logtail-ds","Config": "{\"IngressDashboardEnabled\":\"true\"}"}]` format. (Optional) Ingress component By default, the nginx-ingress-controller component is installed in Kubernetes dedicated clusters. If you install nginx-ingress-controller and enable Internet access, specify the value in the `[{"Name":"nginx-ingress-controller","Config":"{\"IngressSlbNetworkType\":\"internet\"}"}]` format. If you do not install nginx-ingress-controller, specify the value in the `[{"Name": "nginx-ingress-controller","Config": "","Disabled": true}]` format. (Optional) Event centers You can use Kubernetes event centers to store and query events, and configure alerts. You can use the Logstores that are associated with Kubernetes event centers for free within 90 days. For more information, see Create and use an event center. If you enable the event center feature, specify the value in the `[{"Name":"ack-node-problem-detector","Config":"{\"sls_project_name\":\"your_sls_project_name\"}"}]` format. For more information, see Addons properties.
ProxyMode	String	No	No	The kube-proxy mode.	Valid values: iptables. This is the default value. ipvs
DisableRollback	Boolean	No	No	Specifies whether to roll back resources if the cluster fails to be created.	Valid values: true: does not roll back resources when the cluster fails to be created. This is the default value. false: rolls back resources when the cluster fails to be created. Note If you set this property to false, the resources that are generated during cluster creation are released when the cluster fails to be created. We recommend that you set this property to true.
SnatEntry	Boolean	No	No	Specifies whether to configure SNAT rules for the VPC.	Valid values: true: configures SNAT rules for the VPC. false: does not configure SNAT rules for the VPC. This is the default value. Note If you use the VPC that is created by the system, you must set this property to true. If you use an existing VPC that is not created by the system, you must specify this property based on whether the VPC can access the Internet.
ZoneIds	List	No	No	The IDs of the zones to which the vSwitches of worker nodes belong.	None
ResourceGroupId	String	No	Yes	The ID of the resource group to which the cluster belongs.	None
VSwitchIds	List	No	No	The vSwitch IDs.	The list can contain one to three vSwitch IDs. You must specify both the VpcId and VSwitchIds properties or leave both properties empty.
LoginPassword	String	No	No	The logon password.	The password must be 8 to 30 characters in length, The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. Special characters include ( ) ` ~ ! @ # $ % ^ & * - + = \| { } [ ] : ; ' < > , . ? /. You must specify either the LoginPassword or KeyPair property, but not both.
KeyPair	String	No	No	The name of the key pair. This parameter is empty by default.	You must specify either the LoginPassword or KeyPair property, but not both.
EndpointPublicAccess	Boolean	No	No	Specifies whether to enable access to the API server over the Internet.	Valid values: true: enables access to the API server over the Internet. This is the default value. false: enables access to the API server only over the VPC.
WorkerSystemDiskSize	Number	No	No	The size of the system disk that you attach to the worker node.	Default value: 120. Unit: GiB.
WorkerSystemDiskCategory	String	No	No	The category of the system disk for the worker node.	Valid values: cloud_efficiency: ultra disk. This is the default value. cloud_ssd: SSD. cloud_essd: Enhanced SSD (ESSD).
WorkerDataDisk	Boolean	No	No	Specifies whether to attach a data disk to the worker node.	Valid values: true: attaches a data disk to the worker node. false: does not attach a data disk to the worker node. This is the default value.
WorkerDataDiskSize	Integer	No	No	The size of the data disk that you attach to the worker node.	None
WorkerDataDiskCategory	String	No	No	The type of the data disk.	Valid values: cloud_efficiency: ultra disk. This is the default value. cloud_ssd: SSD. cloud_essd: ESSD.
TimeoutMins	Number	No	No	The timeout period during which you can create the cluster.	Default value: 60. Unit: minutes.
ClusterSpec	String	No	No	The type of the ACK managed cluster.	Valid values: ack.pro.small: ACK edge Pro cluster. ack.standard: ACK edge standard cluster. This is the default value.
ContainerCidr	String	No	No	The CIDR block of the pod.	This property is required when you create a cluster in which the Flannel component is used. The CIDR block must be one of the following CIDR blocks and their subnets: 10.0.0.0/8 172.16-31.0.0/12-16 192.168.0.0/16 The CIDR block of the pod cannot overlap with the CIDR block of the VPC in which you want to deploy the cluster or the CIDR blocks of existing clusters in the VPC. You cannot modify the CIDR block of the pod after you create the cluster. For more information, see Plan CIDR blocks for an ACK cluster.
CloudMonitorFlags	Boolean	No	No	Specifies whether to install CloudMonitor agents.	Valid values: true: installs CloudMonitor agents. false: does not install CloudMonitor agents. This is the default value.
WorkerInstanceTypes	List	No	No	The instance types of worker nodes.	None
IsEnterpriseSecurityGroup	Boolean	No	No	Specifies whether to create an advanced security group.	This property takes effect when you leave the SecurityGroupId property empty. Valid values: true: creates an advanced security group. If you install the Terway component in the cluster, you must create an advanced security group. false: does not create an advanced security group. This is the default value.
AutoRenewPeriod	Number	No	No	The auto-renewal period.	This property takes effect when you set the ChargeType property to PrePaid and the AutoRenew property to true. Valid values: Valid values if you set the PeriodUnit property to Week: 1, 2, and 3. Valid values if you set the PeriodUnit property to Month: 1, 2, 3, 6, and 12. Default value: 1.
ChargeType	String	No	No	The billing method of the cluster.	Valid values: PrePaid: subscription. PostPaid: pay-as-you-go. This is the default value.
AutoRenew	Boolean	No	No	Specifies whether to enable auto-renewal for the cluster.	This property takes effect when you set the ChargeType property to PrePaid. Valid values: true: enables auto-renewal for the cluster. This is the default value. false: disables auto-renewal for the cluster.
Period	Number	No	No	The subscription duration of the cluster.	This property takes effect and is required when you set the ChargeType property to PrePaid. Valid values: Valid values if you set the PeriodUnit property to Week: 1, 2, 3, and 4. Valid values if you set the PeriodUnit property to Month: 1, 2, 3, 4, 5, 6, 7, 8, 9, 12, 24, 36, 48, and 60. Default value: 1.
NodeCidrMask	String	No	No	The maximum number of CIDR blocks that can be assigned to a node.	The value varies based on the CIDR block that you specify for pods. This property takes effect only when you use the Flannel component in the cluster. Default value: 25.
PeriodUnit	String	No	No	The unit of the subscription duration of the cluster.	This property takes effect when you set the ChargeType property to PrePaid. Valid values: Week. Month. This is the default value.
DeletionProtection	Boolean	No	No	Specifies whether to enable deletion protection.	After you enable deletion protection, you cannot delete the cluster in the ACK console or by calling specific ACK API operations. Valid values: true: enables deletion protection. false: disables deletion protection. This is the default value.
WorkerDataDisks	List	No	No	The configurations of the data disks that you want to attach to worker nodes. The configurations include disk categories and disk sizes.	This property takes effect only if you attach data disks to worker nodes. For more information, see WorkerDataDisks properties.

Tags syntax

"Tags": [
  {
    "Key": String,
    "Value": String
  }
]

Tags properties


Property	Type	Required	Editable	Description	Constraint
Key	String	Yes	No	The tag key.	The tag key must be 1 to 64 characters in length. The tag key cannot start with `aliyun`, `acs:`, `https://`, or `http://`.
Value	String	No	No	The tag value.	The tag value can be up to 128 characters in length. The tag value cannot start with `aliyun`, `acs:`, `http://`, or `https://`.

WorkerDataDisks syntax

"WorkerDataDisks": [
  {
    "Category": String,
    "Size": Number
  }
]

WorkerDataDisks properties


Property	Type	Required	Editable	Description	Constraint
Category	String	Yes	No	The category of the data disk that you want to attach to a worker node.	Valid values: cloud: basic disk. cloud_ssd: SSD. cloud_efficiency: ultra disk. This is the default value. cloud_essd: ESSD.
Size	Number	Yes	No	The size of the data disk that you want to attach to a worker node.	Valid values: 40 to 32,768. Unit: GiB.

Addons syntax

"Addons": [
  {
    "Disabled": Boolean,
    "Config": String,
    "Name": String
  }
]

Addons properties


Property	Type	Required	Editable	Description	Constraint
Disabled	Boolean	No	No	Specifies whether to disable automatic installation for the component.	Valid values: true: disables automatic installation for the component. false: enables automatic installation for the component. This is the default value.
Config	String	No	No	The configurations of the component.	None
Name	String	Yes	No	The name of the component.	None

Return values

Fn::GetAtt

ClusterId: the ID of the cluster.
TaskId: the ID of the task in which the cluster is created. The task ID is assigned by the system and is used to query the status of the task.
WorkerRamRoleName: the name of the RAM role for the worker node.
DefaultUserKubeConfig: the default configurations of user credentials for the cluster.
ScalingRuleId: the ID of the scaling rule.
ScalingGroupId: the ID of the scaling group.
PrivateUserKubConfig: the private configurations of user credentials for the cluster.
ScalingConfigurationId: the ID of the scaling configuration.
Nodes: the nodes in the cluster.
APIServerSLBId: the ID of the Server Load Balancer (SLB) instance that is associated with the API server.

Examples

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Description: Test ManagedEdgeKubernetesCluster
Parameters:
  VSwitchZoneId:
    Type: String
    AssociationProperty: ALIYUN::ECS::Instance::ZoneId
    Description: Availability ID for existing switches
    Label: VSwitch Zone ID
  VpcId:
    Type: String
    Default: Null
    AssociationProperty: ALIYUN::ECS::VPC::VPCId
    Description: Please search the ID starts with (vpc-xxx)from console-Virtual Private Cloud
    Label: Existing VPC ID
  VSwitchId:
    Type: String
    Default: Null
    AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
    Description: Please search the business VSwitch ID starts with(vsw-xxx)from console-Virtual Private Cloud-VSwitches
    Label: VSwitch ID
    AssociationPropertyMetadata:
      ZoneId: ${VSwitchZoneId}
      VpcId: ${VpcId}
  ClusterName:
    Type: String
    Default: mytest
  Password:
    Type: String
    Description: Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^*_-+=|{}[]:;,.? Special symbol in).
    MinLength: 8
    Label: Instance Password
    NoEcho: true
    MaxLength: 30
    ConstraintDescription: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^*_-+=|{}[]:;',.?/ Special symbol in).
  NumOfNodes:
    Type: Number
    Default: 1
    MinValue: 0
    MaxValue: 300
  WorkerInstanceType:
    AssociationProperty: ALIYUN::ECS::Instance::InstanceType
    AssociationPropertyMetadata:
      ZoneId: VSwitchZoneId
    Type: String
    Label: Instance Type
  WorkerSystemDiskCategory:
    AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
    AssociationPropertyMetadata:
      ZoneId: ${VSwitchZoneId}
      InstanceType: ${WorkerInstanceType}
    Type: String
    Label: System Disk Type
Resources:
  Cluster:
    Type: ALIYUN::CS::ManagedEdgeKubernetesCluster
    Properties:
      NumOfNodes:
        Ref: NumOfNodes
      Name:
        Ref: ClusterName
      LoginPassword:
        Ref: Password
      VpcId:
        Ref: VpcId
      VSwitchIds:
        - Ref: VSwitchId
      WorkerInstanceTypes:
        - Ref: WorkerInstanceType
      WorkerSystemDiskCategory:
        Ref: WorkerSystemDiskCategory
      ServiceCidr: 172.19.0.0/20
Outputs:
  ClusterId:
    Value:
      Fn::GetAtt:
        - Cluster
        - ClusterId
  TaskId:
    Value:
      Fn::GetAtt:
        - Cluster
        - TaskId

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Test ManagedEdgeKubernetesCluster",
  "Parameters": {
    "VSwitchZoneId": {
      "Type": "String",
      "AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
      "Description": "Availability ID for existing switches",
      "Label": "VSwitch Zone ID"
    },
    "VpcId": {
      "Type": "String",
      "Default": null,
      "AssociationProperty": "ALIYUN::ECS::VPC::VPCId",
      "Description": "Please search the ID starts with (vpc-xxx)from console-Virtual Private Cloud",
      "Label": "Existing VPC ID"
    },
    "VSwitchId": {
      "Type": "String",
      "Default": null,
      "AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
      "Description": "Please search the business VSwitch ID starts with(vsw-xxx)from console-Virtual Private Cloud-VSwitches",
      "Label": "VSwitch ID",
      "AssociationPropertyMetadata": {
        "ZoneId": "${VSwitchZoneId}",
        "VpcId": "${VpcId}"
      }
    },
    "ClusterName": {
      "Type": "String",
      "Default": "mytest"
    },
    "Password": {
      "Type": "String",
      "Description": "Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^*_-+=|{}[]:;,.? Special symbol in).",
      "MinLength": 8,
      "Label": "Instance Password",
      "NoEcho": true,
      "MaxLength": 30,
      "ConstraintDescription": "Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^*_-+=|{}[]:;',.?/ Special symbol in)."
    },
    "NumOfNodes": {
      "Type": "Number",
      "Default": 1,
      "MinValue": 0,
      "MaxValue": 300
    },
    "WorkerInstanceType": {
      "AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
      "AssociationPropertyMetadata": {
        "ZoneId": "VSwitchZoneId"
      },
      "Type": "String",
      "Label": "Instance Type"
    },
    "WorkerSystemDiskCategory": {
      "AssociationProperty": "ALIYUN::ECS::Disk::SystemDiskCategory",
      "AssociationPropertyMetadata": {
        "ZoneId": "${VSwitchZoneId}",
        "InstanceType": "${WorkerInstanceType}"
      },
      "Type": "String",
      "Label": "System Disk Type"
    }
  },
  "Resources": {
    "Cluster": {
      "Type": "ALIYUN::CS::ManagedEdgeKubernetesCluster",
      "Properties": {
        "NumOfNodes": {
          "Ref": "NumOfNodes"
        },
        "Name": {
          "Ref": "ClusterName"
        },
        "LoginPassword": {
          "Ref": "Password"
        },
        "VpcId": {
          "Ref": "VpcId"
        },
        "VSwitchIds": [
          {
            "Ref": "VSwitchId"
          }
        ],
        "WorkerInstanceTypes": [
          {
            "Ref": "WorkerInstanceType"
          }
        ],
        "WorkerSystemDiskCategory": {
          "Ref": "WorkerSystemDiskCategory"
        },
        "ServiceCidr": "172.19.0.0/20"
      }
    }
  },
  "Outputs": {
    "ClusterId": {
      "Value": {
        "Fn::GetAtt": [
          "Cluster",
          "ClusterId"
        ]
      }
    },
    "TaskId": {
      "Value": {
        "Fn::GetAtt": [
          "Cluster",
          "TaskId"
        ]
      }
    }
  }
}

For more examples, see ManagedEdgeKubernetesCluster.json and ManagedEdgeKubernetesCluster.yml.