ALIYUN::CS::ManagedKubernetesCluster is used to create an ACK managed cluster.
Syntax
{
  "Type": "ALIYUN::CS::ManagedKubernetesCluster",
  "Properties": {
    "CloudMonitorFlags": Boolean,
    "ProxyMode": String,
    "WorkerDataDisk": Boolean,
    "SnatEntry": Boolean,
    "VSwitchIds": List,
    "WorkerPeriod": Number,
    "WorkerPeriodUnit": String,
    "WorkerSystemDiskCategory": String,
    "VpcId": String,
    "Tags": List,
    "WorkerSystemDiskSize": Number,
    "WorkerInstanceTypes": List,
    "WorkerDataDisks": List,
    "LoginPassword": String,
    "ContainerCidr": String,
    "NumOfNodes": Number,
    "Name": String,
    "Taint": List,
    "KeyPair": String,
    "WorkerAutoRenewPeriod": Number,
    "WorkerInstanceChargeType": String,
    "WorkerAutoRenew": Boolean,
    "Addons": List,
    "DisableRollback": Boolean,
    "ServiceCidr": String,
    "KubernetesVersion": String,
    "SecurityGroupId": String,
    "EndpointPublicAccess": Boolean,
    "ClusterSpec": String,
    "TimeoutMins": Number,
    "PodVswitchIds": List,
    "EncryptionProviderKey": String,
    "Runtime": Map
  }
}
Properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
CloudMonitorFlags | Boolean | No | No | Specifies whether to install CloudMonitor agents. | Default value: false. Valid values: |
Runtime | Map | No | No | The container runtime. | The Runtime parameter consists of the following fields: Sample value: For more information about how to select a container runtime, see Comparison of Docker, containerd, and Sandboxed-Container. For more information about Runtime, see Runtime property. |
ProxyMode | String | No | No | The kube-proxy mode. | Default value: iptables. Valid values: |
WorkerInstanceChargeType | String | No | No | The billing method of worker nodes. | Default value: PostPaid. Valid values: |
SnatEntry | Boolean | No | No | Specifies whether to configure SNAT rules for the virtual private cloud (VPC) in which you want to deploy the cluster. | |
WorkerPeriod | Number | No | No | The subscription duration. | This parameter takes effect and is required when the WorkerInstanceChargeType parameter is set to PrePaid. |
WorkerPeriodUnit | String | No | No | The unit of the subscription duration. | You must specify this parameter only when the WorkerInstanceChargeType parameter is set to PrePaid. Default value: Month. Valid values: |
WorkerSystemDiskCategory | String | No | No | The system disk type of worker nodes. | Default value: cloud_efficiency. Valid values: |
VpcId | String | Yes | No | The ID of the VPC. | If you do not specify this parameter, the system creates a VPC whose CIDR block is 192.168.0.0/16. You must specify the VpcId and VSwitchIds parameters or leave both parameters empty. |
Tags | List | No | No | The tags of the cluster. | You can specify up to 20 tags. For more information, see Tags property. |
WorkerInstanceTypes | List | Yes | No | The Elastic Compute Service (ECS) instance types of worker nodes. | For more information, see Instance family. |
WorkerDataDisks | List | No | No | The configurations for the data disks that you attach to worker nodes. The configurations include disk types and disk sizes. | This parameter only takes effect when data disks are attached to worker nodes. For more information, see WorkerDataDisks property. |
LoginPassword | String | No | No | The password for SSH logon. | The password must be 8 to 30 characters in length, and must contain letters, digits, and special characters. Special characters include ( ) ' ~ ! @ # $ % ^ & * - + = \| { } [ ] : ; < > , . ? / - You must specify only one of the LoginPassword and KeyPair parameters. |
ContainerCidr | String | No | No | The CIDR block of the container. | The CIDR block of the container cannot overlap with the CIDR block of the VPC. If you use the VPC that is created by the system, the CIDR block 172.16.0.0/16 is used. |
NumOfNodes | Number | No | No | The number of worker nodes. | Valid values: 0 to 300. Default value: 3. |
Name | String | Yes | No | The name of the cluster. | The name must be 1 to 63 characters in length, and can contain letters, digits, and hyphens (-). |
WorkerSystemDiskSize | Number | No | No | The system disk size of worker nodes. | Default value: 120. Unit: GiB. |
Taint | List | No | No | The taints that you want to add to nodes to ensure appropriate scheduling of pods. | If you apply tolerations to pods, the pods can be scheduled to nodes that have matching taints. |
WorkerAutoRenewPeriod | Number | No | No | The auto-renewal cycle of worker nodes. | This parameter takes effect and is required when the WorkerInstanceChargeType parameter is set to PrePaid and the WorkerAutoRenew parameter is set to true. |
WorkerDataDisk | Boolean | No | No | Specifies whether to attach a data disk to worker nodes. | Default value: false. Valid values: |
WorkerAutoRenew | Boolean | No | No | Specifies whether to enable auto-renewal for worker nodes. | Default value: false. Valid values: |
Addons | List | No | No | The components that you want to use for the cluster. | |
DisableRollback | Boolean | No | No | Specifies whether to roll back the cluster when the cluster fails to be created. | Default value: true. Valid values: |
ServiceCidr | String | No | No | The CIDR block of the Container Service for Kubernetes (ACK) service. | The CIDR block of the service cannot overlap with the CIDR block of the VPC or container. If you use the VPC that is created by the system, the CIDR block 172.19.0.0/20 is used. |
KubernetesVersion | String | No | No | The Kubernetes version of the cluster. The Kubernetes versions supported by ACK are the same as the Kubernetes versions supported by open source Kubernetes. We recommend that you use the latest version. | You can create clusters of the latest two versions. For more information about Kubernetes versions that are supported by ACK, see Overview of Kubernetes versions supported by ACK. |
SecurityGroupId | String | No | No | The ID of the security group to which the ECS instances in the cluster belong. | None. |
KeyPair | String | No | No | The name of the key pair. | You must specify only one of the LoginPassword and KeyPair parameters. |
EndpointPublicAccess | Boolean | No | No | Specifies whether to expose the cluster's API server over the Internet. | Default value: false. Valid values: |
ClusterSpec | String | No | No | The type of the ACK managed cluster. | Default value: ack.standard. Valid values: |
TimeoutMins | Number | No | No | The timeout period during which you can create the cluster. | Default value: 60. Unit: minutes. |
PodVswitchIds | List | No | No | The IDs of pod vSwitches. | For each vSwitch that you allocate to a node, you must specify at least one pod vSwitch in the same zone as the node vSwitch. The pod vSwitch cannot overlap with the node vSwitch. We recommend that you set the mask length of CIDR blocks to values that are no greater than 19 for the pod vSwitches. Note: You must specify this parameter when the Terway component is used for the cluster. |
EncryptionProviderKey | String | No | No | The ID of the encryption key that is managed by Key Management Service (KMS). | The encryption key is used to encrypt data disks. You can use KMS only in ACK Pro clusters. |
VSwitchIds | List | Yes | No | The vSwitch IDs of worker nodes. | You can specify one to three vSwitch IDs. |
Tags syntax
"Tags": [
  {
    "Key": String,
    "Value": String
  }
]
Tags property
Field | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Key | String | Yes | No | The key of the tag. | The key must be 1 to 64 characters in length, and cannot start with aliyun, acs:, https://, or http://. |
Value | String | No | No | The value of the tag. | The value must be 0 to 128 characters in length, and cannot start with aliyun, acs:, https://, or http://. |
WorkerDataDisks syntax
"WorkerDataDisks": [
  {
    "Category": String,
    "Size": Number
  }
]
WorkerDataDisks property
Field | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Category | String | Yes | No | The data disk type of worker nodes. | Default value: cloud_efficiency. Valid values: |
Size | Number | Yes | No | The size of the data disk. | Valid values: 40 to 32768. Unit: GiB. |
Addons syntax
"Addons": [
  {
    "Version": String,
    "Config": String,
    "Name": String,
    "Disabled": Boolean
  }
]
Addons property
Field | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Version | String | No | No | The version of the component. | If you leave this parameter empty, the latest version of the component is used. |
Config | String | No | No | The configurations of the component. | If you leave this parameter empty, no configurations are required for the component. |
Name | String | Yes | No | The name of the component. | None. |
Disabled | Boolean | No | No | Specifies whether to disable automatic installation of the component. | Default value: true. Valid values: |
Runtime syntax
"Runtime": {
  "Name": String,
  "Version": String
}
Runtime property
Field | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Name | String | Yes | No | The name of the container runtime. | Default value: docker. Valid values: |
Version | String | No | No | The version of the container runtime. | |
Response parameters
- ClusterId: the ID of the cluster.
- TaskId: the ID of the task in which the cluster is created. The task ID is generated by the system and is used to query task status.
- WorkerRamRoleName: the name of the RAM role for worker nodes.
- DefaultUserKubeConfig: the default configurations of user credentials for the cluster.
- ScalingRuleId: the ID of the scaling rule.
- ScalingGroupId: the ID of the scaling group.
- PrivateUserKubConfig: the private configurations of user credentials for the cluster.
- ScalingConfigurationId: the ID of the scaling configuration.
- Nodes: the nodes in the cluster.
Examples
JSON format
{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "EndpointPublicAccess": {
      "Type": "Boolean",
      "Description": "Whether to enable the public network API Server:\ntrue: which means that the public network API Server is open.\nfalse: If set to false, the API server on the public network will not be created, only the API server on the private network will be created. Default to false.",
      "AllowedValues": ["True", "true", "False", "false"],
      "Default": false
    },
    "WorkerPeriod": {
      "Type": "Number",
      "Description": "The duration of the annual and monthly subscription. It takes effect when the worker_instance_charge_type value is PrePaid and is required. The value range is:\nWhen PeriodUnit = Week, Period values are: {\"1\", \"2\", \"3\", \"4\"}\nWhen PeriodUnit = Month, Period values are: {\"1\", \"2\", \"3\", \"4\", \"5\", \"6\", \"7\", \"8\", \"9\", \"12\", \"24\", \"36\", \"48\", \"60\"}\nDefault to 1.",
      "AllowedValues": [1, 2, 3, 4, 5, 6, 7, 8, 9, 12, 24, 36, 48, 60],
      "Default": 1
    },
    "WorkerPeriodUnit": {
      "Type": "String",
      "Description": "When you specify PrePaid, you need to specify the period. The options are:\nWeek: Time is measured in weeks\nMonth: time in months\nDefault to Month.",
      "AllowedValues": ["Week", "Month"],
      "Default": "Month"
    },
    "Addons": {
      "Type": "Json",
      "Description": "A combination of addon plugins for Kubernetes clusters.\nNetwork plug-in: including Flannel and Terway network plug-ins\nLog service: Optional. If the log service is not enabled, the cluster audit function cannot be used.\nIngress: The installation of the Ingress component is enabled by default."
    },
    "WorkerSystemDiskCategory": {
      "Type": "String",
      "Description": "Worker node system disk type. The value includes:\ncloud_efficiency: efficient cloud disk\ncloud_ssd: SSD cloud disk\nDefault to cloud_efficiency.",
      "Default": "cloud_efficiency"
    },
    "WorkerSystemDiskSize": {
      "Type": "Number",
      "Description": "Worker disk system disk size, the unit is GiB.\nDefault to 120.",
      "MinValue": 1,
      "Default": 120
    },
    "Name": {
      "Type": "String",
      "Description": "The name of the cluster. The cluster name can use uppercase and lowercase letters, Chinese characters, numbers, and dashes."
    },
    "Taint": {
      "Type": "Json",
      "Description": "It is used to mark nodes with taints. It is usually used for the scheduling strategy of Pods. The corresponding concept is: tolerance. If there is a corresponding tolerance mark on the Pods, the stain on the node can be tolerated and scheduled to the node."
    },
    "Runtime": {
      "Type": "Json",
      "Description": "The container runtime of the cluster. The default runtime is Docker."
    },
    "CloudMonitorFlags": {
      "Type": "Boolean",
      "Description": "Whether to install the cloud monitoring plugin:\ntrue: indicates installation\nfalse: Do not install\nDefault to false",
      "AllowedValues": ["True", "true", "False", "false"],
      "Default": false
    },
    "ServiceCidr": {
      "Type": "String",
      "Description": "The service network segment cannot conflict with the VPC network segment and the container network segment. When the system is selected to automatically create a VPC, the network segment 172.19.0.0/20 is used by default.",
      "Default": "172.19.0.0/20"
    },
    "PodVswitchIds": {
      "Type": "Json",
      "Description": "The list of pod vSwitches. For each vSwitch that is allocated to nodes, \n you must specify at least one pod vSwitch in the same zone. \n The pod vSwitches cannot be the same as the node vSwitches. \n We recommend that you set the mask length of the CIDR block to a value no \ngreater than 19 for the pod vSwitches.\nThe pod_vswitch_ids parameter is required when the Terway network \nplug-in is selected for the cluster."
    },
    "WorkerAutoRenew": {
      "Type": "Boolean",
      "Description": "Whether to enable automatic renewal of Worker nodes. The optional values are:\ntrue: automatic renewal\nfalse: do not renew automatically\nDefault to true.",
      "AllowedValues": ["True", "true", "False", "false"],
      "Default": true
    },
    "ProxyMode": {
      "Type": "String",
      "Description": "kube-proxy proxy mode, supports both iptables and ipvs modes. The default is iptables.",
      "Default": "iptables"
    },
    "DisableRollback": {
      "Type": "Boolean",
      "Description": "Whether the failure was rolled back:\ntrue: indicates that it fails to roll back\nfalse: rollback failed\nThe default is true. If rollback fails, resources produced during the creation process will be released. False is not recommended.",
      "AllowedValues": ["True", "true", "False", "false"],
      "Default": true
    },
    "Tags": {
      "Type": "Json",
      "Description": "Tag the cluster."
    },
    "WorkerInstanceTypes": {
      "Type": "Json",
      "Description": "Worker node ECS specification type code. For more details, see Instance Specification Family.",
      "MinLength": 1,
      "MaxLength": 5
    },
    "LoginPassword": {
      "Type": "String",
      "Description": "SSH login password. Password rules are 8-30 characters and contain three items (upper and lower case letters, numbers, and special symbols). Specify one of KeyPair or LoginPassword."
    },
    "KubernetesVersion": {
      "Type": "String",
      "Description": "The version of the Kubernetes cluster."
    },
    "ContainerCidr": {
      "Type": "String",
      "Description": "The container network segment cannot conflict with the VPC network segment. When the system is selected to automatically create a VPC, the network segment 172.16.0.0/16 is used by default.",
      "Default": "172.16.0.0/16"
    },
    "WorkerInstanceChargeType": {
      "Type": "String",
      "Description": "Worker node payment type. The optional values are:\nPrePaid: prepaid\nPostPaid: Pay as you go\nDefault to PostPaid.",
      "AllowedValues": ["Subscription", "PrePaid", "PrePay", "Prepaid", "PayAsYouGo", "PostPaid", "PayOnDemand", "Postpaid"],
      "Default": "PostPaid"
    },
    "KeyPair": {
      "Type": "String",
      "Description": "Key pair name. Specify one of KeyPair or LoginPassword."
    },
    "VSwitchIds": {
      "Type": "CommaDelimitedList",
      "Description": "The virtual switch ID of the worker node.",
      "MinLength": 1
    },
    "WorkerDataDisks": {
      "Type": "Json",
      "Description": "A combination of configurations such as worker data disk type and size. This parameter is valid only when the worker node data disk is mounted."
    },
    "SecurityGroupId": {
      "Type": "String",
      "Description": "Specifies the ID of the security group to which the cluster ECS instance belongs."
    },
    "TimeoutMins": {
      "Type": "Number",
      "Description": "Cluster resource stack creation timeout, in minutes. The default value is 60.",
      "Default": 60
    },
    "ClusterSpec": {
      "Type": "String",
      "Description": "The managed cluster spec. Value:\nack.pro.small: Professional hosting cluster, namely: \"ACK Pro version cluster\".\nack.standard: Standard hosting cluster.\nDefault value: ack.standard. The value can be empty. When it is empty, a standard managed cluster will be created."
    },
    "WorkerDataDisk": {
      "Type": "Boolean",
      "Description": "Whether to mount the data disk. The options are as follows:\ntrue: indicates that the worker node mounts data disks.\nfalse: indicates that the worker node does not mount data disks.\nDefault to false.",
      "AllowedValues": ["True", "true", "False", "false"],
      "Default": false
    },
    "VpcId": {
      "Type": "String",
      "Description": "VPC ID."
    },
    "NumOfNodes": {
      "Type": "Number",
      "Description": "Number of worker nodes. The range is [0,300].\nDefault to 3.",
      "MinValue": 2,
      "MaxValue": 300,
      "Default": 3
    },
    "EncryptionProviderKey": {
      "Type": "String",
      "Description": "The ID of the key that is managed by Key Management Service (KMS). This key is used to encrypt data disks. You can use KMS in only professional managed Kubernetes clusters."
    },
    "WorkerAutoRenewPeriod": {
      "Type": "Number",
      "Description": "Automatic renewal cycle, which takes effect when prepaid and automatic renewal are selected, and is required:\nWhen PeriodUnit = Week, the values are: {\"1\", \"2\", \"3\"}\nWhen PeriodUnit = Month, the value is {\"1\", \"2\", \"3\", \"6\", \"12\"}\nDefault to 1.",
      "AllowedValues": [1, 2, 3, 6, 12],
      "Default": 1
    },
    "SnatEntry": {
      "Type": "Boolean",
      "Description": "Whether to configure SNAT for the network.\nWhen a VPC can access the public network environment, set it to false.\nWhen an existing VPC cannot access the public network environment:\nWhen set to True, SNAT is configured and the public network environment can be accessed at this time.\nIf set to false, it means that SNAT is not configured and the public network environment cannot be accessed at this time.\nDefault to true.",
      "AllowedValues": ["True", "true", "False", "false"],
      "Default": true
    }
  },
  "Resources": {
    "ManagedKubernetesCluster": {
      "Type": "ALIYUN::CS::ManagedKubernetesCluster",
      "Properties": {
        "EndpointPublicAccess": {"Ref": "EndpointPublicAccess"},
        "WorkerPeriod": {"Ref": "WorkerPeriod"},
        "WorkerPeriodUnit": {"Ref": "WorkerPeriodUnit"},
        "Addons": {"Ref": "Addons"},
        "WorkerSystemDiskCategory": {"Ref": "WorkerSystemDiskCategory"},
        "WorkerSystemDiskSize": {"Ref": "WorkerSystemDiskSize"},
        "Name": {"Ref": "Name"},
        "Taint": {"Ref": "Taint"},
        "Runtime": {"Ref": "Runtime"},
        "CloudMonitorFlags": {"Ref": "CloudMonitorFlags"},
        "ServiceCidr": {"Ref": "ServiceCidr"},
        "PodVswitchIds": {"Ref": "PodVswitchIds"},
        "WorkerAutoRenew": {"Ref": "WorkerAutoRenew"},
        "ProxyMode": {"Ref": "ProxyMode"},
        "DisableRollback": {"Ref": "DisableRollback"},
        "Tags": {"Ref": "Tags"},
        "WorkerInstanceTypes": {"Ref": "WorkerInstanceTypes"},
        "LoginPassword": {"Ref": "LoginPassword"},
        "KubernetesVersion": {"Ref": "KubernetesVersion"},
        "ContainerCidr": {"Ref": "ContainerCidr"},
        "WorkerInstanceChargeType": {"Ref": "WorkerInstanceChargeType"},
        "KeyPair": {"Ref": "KeyPair"},
        "VSwitchIds": {"Ref": "VSwitchIds"},
        "WorkerDataDisks": {"Ref": "WorkerDataDisks"},
        "SecurityGroupId": {"Ref": "SecurityGroupId"},
        "TimeoutMins": {"Ref": "TimeoutMins"},
        "ClusterSpec": {"Ref": "ClusterSpec"},
        "WorkerDataDisk": {"Ref": "WorkerDataDisk"},
        "VpcId": {"Ref": "VpcId"},
        "NumOfNodes": {"Ref": "NumOfNodes"},
        "EncryptionProviderKey": {"Ref": "EncryptionProviderKey"},
        "WorkerAutoRenewPeriod": {"Ref": "WorkerAutoRenewPeriod"},
        "SnatEntry": {"Ref": "SnatEntry"}
      }
    }
  },
  "Outputs": {
    "TaskId": {
      "Description": "Task ID. Automatically assigned by the system, the user queries the task status.",
      "Value": {"Fn::GetAtt": ["ManagedKubernetesCluster", "TaskId"]}
    },
    "ClusterId": {
      "Description": "Cluster instance ID.",
      "Value": {"Fn::GetAtt": ["ManagedKubernetesCluster", "ClusterId"]}
    },
    "ScalingGroupId": {
      "Description": "Scaling group id",
      "Value": {"Fn::GetAtt": ["ManagedKubernetesCluster", "ScalingGroupId"]}
    },
    "ScalingRuleId": {
      "Description": "Scaling rule id",
      "Value": {"Fn::GetAtt": ["ManagedKubernetesCluster", "ScalingRuleId"]}
    },
    "DefaultUserKubeConfig": {
      "Description": "Default user kubernetes config which is used for configuring cluster credentials.",
      "Value": {"Fn::GetAtt": ["ManagedKubernetesCluster", "DefaultUserKubeConfig"]}
    },
    "WorkerRamRoleName": {
      "Description": "Worker ram role name.",
      "Value": {"Fn::GetAtt": ["ManagedKubernetesCluster", "WorkerRamRoleName"]}
    },
    "ScalingConfigurationId": {
      "Description": "Scaling configuration id",
      "Value": {"Fn::GetAtt": ["ManagedKubernetesCluster", "ScalingConfigurationId"]}
    },
    "PrivateUserKubConfig": {
      "Description": "Private user kubernetes config which is used for configuring cluster credentials.",
      "Value": {"Fn::GetAtt": ["ManagedKubernetesCluster", "PrivateUserKubConfig"]}
    }
  }
}
YAML format
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  Addons:
    Description: 'A combination of addon plugins for Kubernetes clusters.

      Network plug-in: including Flannel and Terway network plug-ins

      Log service: Optional. If the log service is not enabled, the cluster audit
      function cannot be used.

      Ingress: The installation of the Ingress component is enabled by default.'
    Type: Json
  CloudMonitorFlags:
    AllowedValues:
    - 'True'
    - 'true'
    - 'False'
    - 'false'
    Default: false
    Description: 'Whether to install the cloud monitoring plugin:

      true: indicates installation

      false: Do not install

      Default to false'
    Type: Boolean
  ClusterSpec:
    Description: 'The managed cluster spec. Value:

      ack.pro.small: Professional hosting cluster, namely: "ACK Pro version cluster".

      ack.standard: Standard hosting cluster.

      Default value: ack.standard. The value can be empty. When it is empty, a standard
      managed cluster will be created.'
    Type: String
  ContainerCidr:
    Default: 172.16.0.0/16
    Description: The container network segment cannot conflict with the VPC network
      segment. When the system is selected to automatically create a VPC, the network
      segment 172.16.0.0/16 is used by default.
    Type: String
  DisableRollback:
    AllowedValues:
    - 'True'
    - 'true'
    - 'False'
    - 'false'
    Default: true
    Description: 'Whether the failure was rolled back:

      true: indicates that it fails to roll back

      false: rollback failed

      The default is true. If rollback fails, resources produced during the creation
      process will be released. False is not recommended.'
    Type: Boolean
  EncryptionProviderKey:
    Description: The ID of the key that is managed by Key Management Service (KMS).
      This key is used to encrypt data disks. You can use KMS in only professional
      managed Kubernetes clusters.
    Type: String
  EndpointPublicAccess:
    AllowedValues:
    - 'True'
    - 'true'
    - 'False'
    - 'false'
    Default: false
    Description: 'Whether to enable the public network API Server:

      true: which means that the public network API Server is open.

      false: If set to false, the API server on the public network will not be created,
      only the API server on the private network will be created. Default to false.'
    Type: Boolean
  KeyPair:
    Description: Key pair name. Specify one of KeyPair or LoginPassword.
    Type: String
  KubernetesVersion:
    Description: The version of the Kubernetes cluster.
    Type: String
  LoginPassword:
    Description: SSH login password. Password rules are 8-30 characters and contain
      three items (upper and lower case letters, numbers, and special symbols). Specify
      one of KeyPair or LoginPassword.
    Type: String
  Name:
    Description: The name of the cluster. The cluster name can use uppercase and lowercase
      letters, Chinese characters, numbers, and dashes.
    Type: String
  NumOfNodes:
    Default: 3
    Description: 'Number of worker nodes. The range is [0,300].

      Default to 3.'
    MaxValue: 300
    MinValue: 2
    Type: Number
  PodVswitchIds:
    Description: "The list of pod vSwitches. For each vSwitch that is allocated to\
      \ nodes, \n you must specify at least one pod vSwitch in the same zone. \n The\
      \ pod vSwitches cannot be the same as the node vSwitches. \n We recommend that\
      \ you set the mask length of the CIDR block to a value no \ngreater than 19\
      \ for the pod vSwitches.\nThe pod_vswitch_ids parameter is required when the\
      \ Terway network \nplug-in is selected for the cluster."
    Type: Json
  ProxyMode:
    Default: iptables
    Description: kube-proxy proxy mode, supports both iptables and ipvs modes. The
      default is iptables.
    Type: String
  Runtime:
    Description: The container runtime of the cluster. The default runtime is Docker.
    Type: Json
  SecurityGroupId:
    Description: Specifies the ID of the security group to which the cluster ECS instance
      belongs.
    Type: String
  ServiceCidr:
    Default: 172.19.0.0/20
    Description: The service network segment cannot conflict with the VPC network
      segment and the container network segment. When the system is selected to automatically
      create a VPC, the network segment 172.19.0.0/20 is used by default.
    Type: String
  SnatEntry:
    AllowedValues:
    - 'True'
    - 'true'
    - 'False'
    - 'false'
    Default: true
    Description: 'Whether to configure SNAT for the network.

      When a VPC can access the public network environment, set it to false.

      When an existing VPC cannot access the public network environment:

      When set to True, SNAT is configured and the public network environment can
      be accessed at this time.

      If set to false, it means that SNAT is not configured and the public network
      environment cannot be accessed at this time.

      Default to true.'
    Type: Boolean
  Tags:
    Description: Tag the cluster.
    Type: Json
  Taint:
    Description: 'It is used to mark nodes with taints. It is usually used for the
      scheduling strategy of Pods. The corresponding concept is: tolerance. If there
      is a corresponding tolerance mark on the Pods, the stain on the node can be
      tolerated and scheduled to the node.'
    Type: Json
  TimeoutMins:
    Default: 60
    Description: Cluster resource stack creation timeout, in minutes. The default
      value is 60.
    Type: Number
  VSwitchIds:
    Description: The virtual switch ID of the worker node.
    MinLength: 1
    Type: CommaDelimitedList
  VpcId:
    Description: VPC ID.
    Type: String
  WorkerAutoRenew:
    AllowedValues:
    - 'True'
    - 'true'
    - 'False'
    - 'false'
    Default: true
    Description: 'Whether to enable automatic renewal of Worker nodes. The optional
      values are:

      true: automatic renewal

      false: do not renew automatically

      Default to true.'
    Type: Boolean
  WorkerAutoRenewPeriod:
    AllowedValues:
    - 1
    - 2
    - 3
    - 6
    - 12
    Default: 1
    Description: 'Automatic renewal cycle, which takes effect when prepaid and automatic
      renewal are selected, and is required:

      When PeriodUnit = Week, the values are: {"1", "2", "3"}

      When PeriodUnit = Month, the value is {"1", "2", "3", "6", "12"}

      Default to 1.'
    Type: Number
  WorkerDataDisk:
    AllowedValues:
    - 'True'
    - 'true'
    - 'False'
    - 'false'
    Default: false
    Description: 'Whether to mount the data disk. The options are as follows:

      true: indicates that the worker node mounts data disks.

      false: indicates that the worker node does not mount data disks.

      Default to false.'
    Type: Boolean
  WorkerDataDisks:
    Description: A combination of configurations such as worker data disk type and
      size. This parameter is valid only when the worker node data disk is mounted.
    Type: Json
  WorkerInstanceChargeType:
    AllowedValues:
    - Subscription
    - PrePaid
    - PrePay
    - Prepaid
    - PayAsYouGo
    - PostPaid
    - PayOnDemand
    - Postpaid
    Default: PostPaid
    Description: 'Worker node payment type. The optional values are:

      PrePaid: prepaid

      PostPaid: Pay as you go

      Default to PostPaid.'
    Type: String
  WorkerInstanceTypes:
    Description: Worker node ECS specification type code. For more details, see Instance
      Specification Family.
    MaxLength: 5
    MinLength: 1
    Type: Json
  WorkerPeriod:
    AllowedValues:
    - 1
    - 2
    - 3
    - 4
    - 5
    - 6
    - 7
    - 8
    - 9
    - 12
    - 24
    - 36
    - 48
    - 60
    Default: 1
    Description: 'The duration of the annual and monthly subscription. It takes effect
      when the worker_instance_charge_type value is PrePaid and is required. The value
      range is:

      When PeriodUnit = Week, Period values are: {"1", "2", "3", "4"}

      When PeriodUnit = Month, Period values are: {"1", "2", "3", "4", "5", "6", "7",
      "8", "9", "12", "24", "36", "48", "60"}

      Default to 1.'
    Type: Number
  WorkerPeriodUnit:
    AllowedValues:
    - Week
    - Month
    Default: Month
    Description: 'When you specify PrePaid, you need to specify the period. The options
      are:

      Week: Time is measured in weeks

      Month: time in months

      Default to Month.'
    Type: String
  WorkerSystemDiskCategory:
    Default: cloud_efficiency
    Description: 'Worker node system disk type. The value includes:

      cloud_efficiency: efficient cloud disk

      cloud_ssd: SSD cloud disk

      Default to cloud_efficiency.'
    Type: String
  WorkerSystemDiskSize:
    Default: 120
    Description: 'Worker disk system disk size, the unit is GiB.

      Default to 120.'
    MinValue: 1
    Type: Number
Resources:
  ManagedKubernetesCluster:
    Properties:
      Addons:
        Ref: Addons
      CloudMonitorFlags:
        Ref: CloudMonitorFlags
      ClusterSpec:
        Ref: ClusterSpec
      ContainerCidr:
        Ref: ContainerCidr
      DisableRollback:
        Ref: DisableRollback
      EncryptionProviderKey:
        Ref: EncryptionProviderKey
      EndpointPublicAccess:
        Ref: EndpointPublicAccess
      KeyPair:
        Ref: KeyPair
      KubernetesVersion:
        Ref: KubernetesVersion
      LoginPassword:
        Ref: LoginPassword
      Name:
        Ref: Name
      NumOfNodes:
        Ref: NumOfNodes
      PodVswitchIds:
        Ref: PodVswitchIds
      ProxyMode:
        Ref: ProxyMode
      Runtime:
        Ref: Runtime
      SecurityGroupId:
        Ref: SecurityGroupId
      ServiceCidr:
        Ref: ServiceCidr
      SnatEntry:
        Ref: SnatEntry
      Tags:
        Ref: Tags
      Taint:
        Ref: Taint
      TimeoutMins:
        Ref: TimeoutMins
      VSwitchIds:
        Ref: VSwitchIds
      VpcId:
        Ref: VpcId
      WorkerAutoRenew:
        Ref: WorkerAutoRenew
      WorkerAutoRenewPeriod:
        Ref: WorkerAutoRenewPeriod
      WorkerDataDisk:
        Ref: WorkerDataDisk
      WorkerDataDisks:
        Ref: WorkerDataDisks
      WorkerInstanceChargeType:
        Ref: WorkerInstanceChargeType
      WorkerInstanceTypes:
        Ref: WorkerInstanceTypes
      WorkerPeriod:
        Ref: WorkerPeriod
      WorkerPeriodUnit:
        Ref: WorkerPeriodUnit
      WorkerSystemDiskCategory:
        Ref: WorkerSystemDiskCategory
      WorkerSystemDiskSize:
        Ref: WorkerSystemDiskSize
    Type: ALIYUN::CS::ManagedKubernetesCluster
Outputs:
  ClusterId:
    Description: Cluster instance ID.
    Value:
      Fn::GetAtt:
      - ManagedKubernetesCluster
      - ClusterId
  DefaultUserKubeConfig:
    Description: Default user kubernetes config which is used for configuring cluster
      credentials.
    Value:
      Fn::GetAtt:
      - ManagedKubernetesCluster
      - DefaultUserKubeConfig
  PrivateUserKubConfig:
    Description: Private user kubernetes config which is used for configuring cluster
      credentials.
    Value:
      Fn::GetAtt:
      - ManagedKubernetesCluster
      - PrivateUserKubConfig
  ScalingConfigurationId:
    Description: Scaling configuration id
    Value:
      Fn::GetAtt:
      - ManagedKubernetesCluster
      - ScalingConfigurationId
  ScalingGroupId:
    Description: Scaling group id
    Value:
      Fn::GetAtt:
      - ManagedKubernetesCluster
      - ScalingGroupId
  ScalingRuleId:
    Description: Scaling rule id
    Value:
      Fn::GetAtt:
      - ManagedKubernetesCluster
      - ScalingRuleId
  TaskId:
    Description: Task ID. Automatically assigned by the system, the user queries the
      task status.
    Value:
      Fn::GetAtt:
      - ManagedKubernetesCluster
      - TaskId
  WorkerRamRoleName:
    Description: Worker ram role name.
    Value:
      Fn::GetAtt:
      - ManagedKubernetesCluster
      - WorkerRamRoleName
To view more examples, visit ManagedKubernetesCluster.json and ManagedKubernetesCluster.yml.
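The constraints in the Properties tables can be checked before a stack is created. The following is an added example, not code from Alibaba Cloud or from the templates above: it resolves top-level Ref values, reports violated constraints, and flags Outputs that return a kubeconfig. The function names, finding codes, sample IDs, the "terway" name match and the caller-supplied VPC CIDR are assumptions.

```python
# Added example, not Alibaba Cloud code: lint ManagedKubernetesCluster resources
# against constraints stated on this page. The caller supplies the VPC CIDR.
import ipaddress

RESOURCE_TYPE = "ALIYUN::CS::ManagedKubernetesCluster"
CREDENTIAL_ATTRS = {"DefaultUserKubeConfig", "PrivateUserKubConfig"}
# Special characters listed for LoginPassword in the Properties table.
SPECIALS = set("()'~!@#$%^&*-+=|{}[]:;<>,.?/")

def password_ok(pw):
    """8 to 30 characters, containing letters, digits and special characters."""
    return (8 <= len(pw) <= 30 and any(c.isalpha() for c in pw)
            and any(c.isdigit() for c in pw) and any(c in SPECIALS for c in pw))

def cidr_findings(props, vpc_cidr):
    """The VPC, container and service CIDR blocks must not overlap."""
    nets, out = {}, []
    for name, raw in (("VPC", vpc_cidr),
                      ("ContainerCidr", props.get("ContainerCidr")),
                      ("ServiceCidr", props.get("ServiceCidr"))):
        if not raw:
            continue
        try:
            nets[name] = ipaddress.ip_network(raw, strict=False)
        except ValueError:
            out.append(("CIDR_INVALID", f"{name}: {raw!r} is not a CIDR block"))
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                out.append(("CIDR_OVERLAP", f"{a} {nets[a]} overlaps {b} {nets[b]}"))
    return out

def lint_cluster(props, vpc_cidr=None):
    """Return (code, message) findings for one cluster's resolved properties."""
    out = []
    password, key_pair = props.get("LoginPassword"), props.get("KeyPair")
    if bool(password) == bool(key_pair):
        out.append(("LOGIN_METHOD", "set exactly one of LoginPassword and KeyPair"))
    if password and not password_ok(password):
        out.append(("PASSWORD_RULE", "LoginPassword breaks the length/character rule"))
    if str(props.get("EndpointPublicAccess", False)).lower() == "true":
        out.append(("PUBLIC_API_SERVER", "API server is exposed over the Internet"))
    vswitches = props.get("VSwitchIds") or []
    if bool(props.get("VpcId")) != bool(vswitches):
        out.append(("VPC_VSWITCH", "set both VpcId and VSwitchIds, or neither"))
    if len(vswitches) > 3:
        out.append(("VSWITCH_COUNT", "VSwitchIds takes one to three IDs"))
    spec = props.get("ClusterSpec") or "ack.standard"
    if props.get("EncryptionProviderKey") and spec != "ack.pro.small":
        out.append(("KMS_NEEDS_PRO", "EncryptionProviderKey needs an ACK Pro cluster"))
    # Assumption: a Terway add-on is recognised by "terway" in its Name.
    addons = props.get("Addons") or []
    terway = any("terway" in str(a.get("Name", "")).lower() for a in addons)
    if terway and not props.get("PodVswitchIds"):
        out.append(("TERWAY_POD_VSWITCH", "PodVswitchIds is required with Terway"))
    return out + cidr_findings(props, vpc_cidr)

def resolve(value, template, params):
    """Replace a top-level {"Ref": name} with the supplied or default value."""
    if isinstance(value, dict) and set(value) == {"Ref"}:
        default = template.get("Parameters", {}).get(value["Ref"], {}).get("Default")
        return params.get(value["Ref"], default)
    return value

def lint_template(template, params=None, vpc_cidr=None):
    """Lint each cluster resource, then flag Outputs that expose a kubeconfig."""
    params, findings, clusters = params or {}, [], set()
    for rid, res in template.get("Resources", {}).items():
        if res.get("Type") != RESOURCE_TYPE:
            continue
        clusters.add(rid)
        props = {k: resolve(v, template, params)
                 for k, v in res.get("Properties", {}).items()}
        findings += [(rid, c, m) for c, m in lint_cluster(props, vpc_cidr)]
    for name, output in template.get("Outputs", {}).items():
        value = output.get("Value")
        att = value.get("Fn::GetAtt", []) if isinstance(value, dict) else []
        if len(att) == 2 and att[0] in clusters and att[1] in CREDENTIAL_ATTRS:
            findings.append((name, "KUBECONFIG_IN_OUTPUTS",
                             f"{att[1]} puts cluster credentials in stack outputs"))
    return findings

# Constructed sample in the shape of the template on this page.
SAMPLE = {
    "Parameters": {"ServiceCidr": {"Type": "String", "Default": "172.19.0.0/20"}},
    "Resources": {"Cluster": {"Type": RESOURCE_TYPE, "Properties": {
        "VpcId": "vpc-example", "VSwitchIds": ["vsw-example"],
        "KeyPair": {"Ref": "KeyPair"}, "LoginPassword": {"Ref": "LoginPassword"},
        "EndpointPublicAccess": True, "EncryptionProviderKey": "key-example",
        "ContainerCidr": "172.19.8.0/24", "ServiceCidr": {"Ref": "ServiceCidr"}}}},
    "Outputs": {"Kubeconfig": {"Value": {"Fn::GetAtt": ["Cluster", "DefaultUserKubeConfig"]}}},
}
SAMPLE_PARAMS = {"KeyPair": "ops-key"}
```

Calling `lint_template(SAMPLE, SAMPLE_PARAMS, vpc_cidr="192.168.0.0/16")` on the constructed sample reports the public API server, the KMS key on a standard cluster, the container/service CIDR overlap, and the kubeconfig output.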