ALIYUN::ECI::ContainerGroup is used to create a container group. A container group is an elastic container instance.
Syntax
{
"Type": "ALIYUN::ECI::ContainerGroup",
"Properties": {
"SecurityContextSysctl": List,
"Memory": Number,
"InitContainer": List,
"Cpu": "Number",
"EipInstanceId": String,
"ContainerGroupName": String,
"Container": List,
"ImageSnapshotId": String,
"DnsConfig": Map,
"AutoMatchImageCache": Boolean,
"Ipv6AddressCount": Integer,
"ImageRegistryCredential": List,
"SpotPriceLimit": Number,
"InstanceType": String,
"SpotStrategy": String,
"ActiveDeadlineSeconds": Integer,
"HostAliase": List,
"ZoneId": String,
"TerminationGracePeriodSeconds": Integer,
"VSwitchId": String,
"SecurityGroupId": String,
"SlsEnable": Boolean,
"RestartPolicy": String,
"RamRoleName": String,
"Volume": List,
"AcrRegistryInfo": List,
"Tag": List,
"ResourceGroupId": String
}
}
Properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
EipInstanceId | String | No | No | The ID of the elastic IP address (EIP). | None. |
Container | List | Yes | Yes | The containers in the container group. | For more information, see Container properties. |
DnsConfig | Map | No | Yes | The configurations of Domain Name System (DNS). | For more information, see DnsConfig properties. |
InitContainer | List | No | Yes | The list of init containers. | For more information, see InitContainer properties. |
SecurityGroupId | String | Yes | No | The ID of the security group to which the container group belongs. | Instances in the same security group can access each other. |
ContainerGroupName | String | Yes | No | The name of the container group. | None. |
ZoneId | String | No | No | The ID of the zone in which you want to create the container group. | By default, this property is empty. If you do not specify this property, the system selects a zone. |
Volume | List | No | Yes | The list of volumes. | You can specify up to 20 volumes. For more information, see Volume properties. |
HostAliase | List | No | No | The mapping between the hostname and the IP addresses for a container in the pod. | For more information, see HostAliase properties. |
RestartPolicy | String | No | Yes | The policy that you want to use to restart the container group. | Default value: Always. Valid values:
|
ResourceGroupId | String | No | Yes | The ID of the resource group. | None. |
Tag | List | No | Yes | The tags of the container group. | You can specify up to 20 tags for each container group. A tag is a key-value pair. The key and the value are of the String type. For more information, see Tag properties. |
VSwitchId | String | Yes | No | The ID of the vSwitch. The elastic container instance that you want to create is of the virtual private cloud (VPC) type. | The number of IP addresses in the vSwitch CIDR block determines the maximum number of elastic container instances that can be created in the vSwitch. Before you create an elastic container instance, plan the CIDR block of the vSwitch. |
ImageRegistryCredential | List | No | Yes | The logon information about the container image repository. The information includes the server IP address, the username, and the password. | For more information, see ImageRegistryCredential properties. |
Memory | Number | No | Yes | The size of the memory. | None. |
SlsEnable | Boolean | No | No | Specifies whether to enable logging. | Default value: false. Valid values:
|
SecurityContextSysctl | List | No | No | The security context of the container group. | For more information, see SecurityContext properties. |
Cpu | Number | No | Yes | The number of vCPUs. | None. |
ImageSnapshotId | String | No | No | The cache ID of the image or the ID of the snapshot. | None. |
SpotPriceLimit | Number | No | No | The maximum hourly price of the container group. | The value of this property can contain up to three decimal places. This property takes effect only when the SpotStrategy property is set to SpotWithPriceLimit. |
AutoMatchImageCache | Boolean | No | No | Specifies whether to automatically match the image cache. | None. |
SpotStrategy | String | No | No | The bidding policy for the pay-as-you-go container group. | Default value: NoSpot. Valid values:
|
TerminationGracePeriodSeconds | Integer | No | No | The buffer time period in which the program handles operations before the program is stopped. | Unit: seconds. |
ActiveDeadlineSeconds | Integer | No | No | The validity period of the container group. | Unit: seconds. |
Ipv6AddressCount | Integer | No | No | The number of IPv6 addresses. | None. |
RamRoleName | String | No | No | The name of the RAM role for the container group. | You can use the RAM role to access elastic container instances and ECS instances. |
AcrRegistryInfo | List | No | No | The configurations of the access credential for the Container Registry Enterprise Edition instance. | For more information, see AcrRegistryInfo properties. |
InstanceType | String | No | No | The instance type. | None. |
Container syntax
"Container": [
{
"EnvironmentVar": List,
"Tty": Boolean,
"SecurityContext": Map,
"Name": String,
"ImagePullPolicy": String,
"Image": String,
"Stdin": boolean,
"WorkingDir": String,
"LivenessProbe": Map,
"Cpu": Number,
"Command": List,
"Memory": Number,
"ReadinessProbe": Map,
"VolumeMount": List,
"Port": List,
"Arg": List,
"StdinOnce": Boolean
}
]
Container properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
EnvironmentVar | List | No | No | The environment variables for the container. | Each environment variable is a key-value pair. The key and the value are of the String type. The key specifies the name of a variable, and the value specifies the value of a variable. You can specify up to 100 environment variables. For more information, see EnvironmentVar properties. |
Tty | Boolean | No | No | Specifies whether to allocate a TeleTYpe (TTY) terminal to the container. | Valid values:
|
SecurityContext | Map | No | No | The security context of the container group. | Set the value to true. |
Name | String | Yes | No | The name of the container. | None. |
ImagePullPolicy | String | No | No | The policy that you want to use to pull an image. | None. |
Image | String | Yes | No | The image of the container. | None. |
Stdin | Boolean | No | No | Specifies whether to allocate buffers to standard input streams in the container runtime. | Valid values:
|
WorkingDir | String | No | No | The working directory of the container. | None. |
LivenessProbe | Map | No | No | The liveness probe of the container. | For more information, see LivenessProbe properties. |
Cpu | Number | No | No | The number of vCPUs that you want to assign to the container. | None. |
Command | List | No | No | The list of commands that you want to send to the container. | You can specify up to one command. A command is of the String type and can be up to 256 characters in length. |
Memory | Number | No | No | The size of the memory that you want to allocate to the container. | Unit: GiB. |
ReadinessProbe | Map | No | No | The readiness probe of the container. | For more information, see ReadinessProbe properties. |
VolumeMount | List | No | No | Details of volumes that you want to mount on the container. | You can specify up to 16 volumes. For more information, see VolumeMount properties. |
Port | List | No | No | The ports and protocols that you want to use for the container. | You can specify up to 100 ports. Valid values of the protocols:
For more information, see Port properties. |
Arg | List | No | No | The arguments that you want to pass to the command. | The arguments are of the String type. You can specify up to 10 arguments. |
StdinOnce | Boolean | No | No | Specifies whether to close the standard input stream after the client that is connected for the first time is disconnected. | Valid values:
|
LivenessProbe syntax
"LivenessProbe": {
"TcpSocket.Port": Integer,
"HttpGet.Scheme": String,
"HttpGet.Port": Integer,
"FailureThreshold": Integer,
"InitialDelaySeconds": Integer,
"TimeoutSeconds": Integer,
"SuccessThreshold": Integer,
"Exec.Command": List,
"PeriodSeconds": Integer,
"HttpGet.Path": String
}
LivenessProbe properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
TcpSocket.Port | Integer | No | No | The port to which the system sends a TCP socket request for a health check. | None. |
HttpGet.Scheme | String | No | No | The protocol that you want to use to connect to the host. | Valid values:
|
HttpGet.Port | Integer | No | No | The port to which the system sends an HTTP GET request for a health check. | None. |
FailureThreshold | Integer | No | No | The number of times that a container must consecutively fail health checks before the probe considers the container unhealthy. | Default value: 3. |
InitialDelaySeconds | Integer | No | No | The time period after the container is started and before the probe is initiated. | Unit: seconds. |
TimeoutSeconds | Integer | No | No | The time period after which the probe times out. Unit: seconds. | Minimum value: 1. Default value: 1. |
SuccessThreshold | Integer | No | No | The number of times that a container must consecutively pass health checks before the probe considers the container healthy. | Set the value to 1. Default value: 1. |
Exec.Command | List | No | No | The commands that you want to use to run the probe for the container. | None. |
PeriodSeconds | Integer | No | No | The interval at which you want to run the probe. | Unit: seconds. Minimum Value: 1. Default value: 10. |
HttpGet.Path | String | No | No | The path to which the system sends an HTTP GET request for a health check. | None. |
DnsConfig syntax
"DnsConfig": {
"NameServer": List,
"Search": List,
"Option": List
}
DnsConfig properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
NameServer | List | No | No | The IP addresses of the DNS servers. | None. |
Search | List | No | No | The list of DNS search domains. | None. |
Option | List | No | No | The list of options. | Each option consists of a name and a value. The value of each option is optional. For more information, see Option properties. |
InitContainer syntax
"InitContainer": [
{
"EnvironmentVar": List,
"SecurityContext": Map,
"Name": String,
"Image": String,
"Arg": List,
"WorkingDir": String,
"Port": List,
"Command": List,
"Memory": Number,
"ImagePullPolicy": String,
"VolumeMount": List,
"Cpu": Number
}
]
InitContainer properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
EnvironmentVar | List | No | No | The environment variables for the container. | Each environment variable is a key-value pair. The key and the value are of the String type. The key specifies the name of a variable, and the value specifies the value of a variable. You can specify up to 100 environment variables. Set the value to status.podIP. |
SecurityContext | Map | No | No | The security context of the container group. | Set the value to true. |
Name | String | No | No | The name of the container. | None. |
Image | String | No | No | The image of the container. | None. |
Arg | List | No | No | The arguments that you want to pass to the command. | The arguments are of the String type. You can specify up to 10 arguments. |
WorkingDir | String | No | No | The working directory of the container. | None. |
Port | List | No | No | The ports and protocols that you want to use for the container. | You can specify up to 100 ports. Valid values of the protocols:
|
Command | List | No | No | The list of commands that you want to send to the container. | You can specify up to one command. A command is of the String type and can be up to 256 characters in length. |
Memory | Number | No | No | The size of the memory that you want to allocate to the container. | Unit: GB. |
ImagePullPolicy | String | No | No | The policy that you want to use to pull an image. | None. |
VolumeMount | List | No | No | Details of volumes that you want to mount on the container. | You can specify up to 16 volumes. |
Cpu | Number | No | No | The number of vCPUs that you want to assign to the container. | None. |
Volume syntax
"Volume": [
{
"NFSVolume.Path": String,
"Name": String,
"EmptyDirVolume.Medium": String,
"NFSVolume.Server": String,
"NFSVolume.ReadOnly": Boolean,
"ConfigFileVolume.ConfigFileToPath": List,
"Type": String
}
]
Volume properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
NFSVolume.Path | String | No | No | The path of the Network File System (NFS) volume. | None. |
Name | String | Yes | No | The name of the volume. | None. |
EmptyDirVolume.Medium | String | No | No | The storage medium. | By default, the file system on the node is used. Set the value to Memory. If you set this property to Memory, emptyDir volumes are stored in memory. |
NFSVolume.Server | String | No | No | The IP address of the NFS server. | None. |
NFSVolume.ReadOnly | Boolean | No | No | Specifies whether the NFS volume is read-only. | Default value: false. |
ConfigFileVolume.ConfigFileToPath | List | No | No | The path of the ConfigFile volume. | For more information, see ConfigFileVolume.ConfigFileToPath properties. |
Type | String | Yes | No | The type of the volume. | Valid values:
|
HostAliase syntax
"HostAliase": [
{
"Ip": String,
"Hostname": List
}
]
HostAliase properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Ip | String | No | No | The IP address. | None. |
Hostname | List | No | No | The hostnames. | None. |
ImageRegistryCredential syntax
"ImageRegistryCredential": [
{
"UserName": String,
"Password": String,
"Server": String
}
]
ImageRegistryCredential properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
UserName | String | Yes | No | The username that you want to use to log on to the image repository. | None. |
Password | String | Yes | No | The password that you want to use log on to the image repository. | None. |
Server | String | Yes | No | The IP address of the image repository. | The IP address cannot contain a protocol prefix, such as |
EnvironmentVar syntax
"EnvironmentVar": {
"Key": String,
"Value": String,
"FieldRef.FieldPath": String
}
EnvironmentVar properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Key | String | No | No | The name of the environment variable. | The name must be 1 to 128 characters in length, and can contain digits, letters, and underscores (_). The name cannot start with a digit. |
Value | String | No | No | The value of the environment variable. | The value can be up to 256 characters in length. |
FieldRef.FieldPath | String | No | No | The reference of the environment variable value. | Set the value to status.podIP. |
SecurityContext syntax
"SecurityContext": {
"Capability.Add": List,
"RunAsUser": Interger,
"ReadOnlyRootFilesystem": Boolen
}
SecurityContext properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Capability.Add | List | No | No | The capabilities that you want to add to the container. | Set the value to NET_ADMIN. |
RunAsUser | Integer | No | No | The ID of the user. | None. |
ReadOnlyRootFilesystem | Boolean | No | No | Specifies whether the root file system is read-only. | Set the value to true. |
VolumeMount syntax
"VolumeMount": [
{
"Name": String,
"ReadOnly": Boolen,
"MountPath": String
}
]
VolumeMount properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Name | String | No | No | The name of the volume. | The name must be the same as the value that is specified for the Name property in the "Volume properties" section of this topic. |
ReadOnly | Boolean | No | No | Specifies whether the volume is read-only. | Default value: false. |
MountPath | String | No | No | The path to which you want to mount the volume. | The data in the destination path is overwritten by the data in the mounted volume. |
Port syntax
"Port": [
{
"Port": Interger,
"Protocol": String
}
]
Port properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Port | Integer | No | No | The port number. | Valid values: 1 to 65535. |
Protocol | String | No | No | The protocol that you want to use for the port. | Valid values:
|
ConfigFileVolume.ConfigFileToPath syntax
"onfigFileVolume.ConfigFileToPath": [
{
"Content": String,
"Path": String
}
]
ConfigFileVolume.ConfigFileToPath properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Content | String | No | No | The content of the ConfigFile volume. | The configuration file can be up to 32 KB in length. |
Path | String | Yes | No | The relative path of the ConfigFile volume. | You can specify the location of a directory relative to a different directory. |
SecurityContextSysctl syntax
"SecurityContextSysctl": [
{
"Value": String,
"Name": String
}
]
SecurityContextSysctl properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Value | String | No | No | The variable value of the security context in which the container group runs. | None. |
Name | String | No | No | The variable name of the security context in which the container group runs. | Valid values:
|
ReadinessProbe syntax
"ReadinessProbe": {
"TimeoutSeconds": Integer,
"InitialDelaySeconds": Integer,
"Exec.Command": List,
"PeriodSeconds": Integer,
"HttpGet.Port": Integer,
"TcpSocket.Port": Integer,
"FailureThreshold": Integer,
"HttpGet.Scheme": String,
"HttpGet.Path": String,
"SuccessThreshold": Integer
}
ReadinessProbe properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
FailureThreshold | Integer | No | No | The number of times that a container must consecutively fail health checks before the probe considers the container unhealthy. | Default value: 3. |
HttpGet.Scheme | String | No | No | The GET request protocol. | Valid values:
|
HttpGet.Path | String | No | No | The path to which the system sends an HTTP GET request for a health check. | None. |
Exec.Command | List | No | No | The commands that you want to use to run the probe for the container. | None. |
TcpSocket.Port | Integer | No | No | The port to which the system sends a TCP socket request for a health check. | None. |
PeriodSeconds | Integer | No | No | The interval at which you want to run the probe. | Default value: 10. Minimum value: 1. Unit: seconds. |
TimeoutSeconds | Integer | No | No | The duration after which the probe times out. | Default value: 10. Minimum value: 1. Unit: seconds. |
InitialDelaySeconds | Integer | No | No | The time period after the container is started and before the probe is initiated. | None. |
SuccessThreshold | Integer | No | No | The number of times that a container must consecutively pass health checks before the probe considers the container healthy. | Default value: 1. |
HttpGet.Port | Integer | No | No | The port to which the system sends an HTTP GET request for a health check. | None. |
Option syntax
"Option": [
{
"Name": String,
"Value": String
}
]
Option properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Name | String | No | No | The name of the option. | None. |
Value | String | No | No | The value of the option. | None. |
Tag syntax
"Tag": [
{
"Key": String,
"Value": String
}
]
Tag properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Key | String | Yes | No | The key of the tag. | None. |
Value | String | No | No | The value of the tag. | None. |
AcrRegistryInfo syntax
"AcrRegistryInfo": [
{
"RegionId": String,
"InstanceName": String,
"Domain": List,
"InstanceId": String
}
]
AcrRegistryInfo properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
RegionId | String | No | No | The region ID of the Container Registry Enterprise Edition instance. By default, the Container Registry instance is deployed in the same region as the container group. | None. |
InstanceName | String | No | No | The name of the Container Registry Enterprise Edition instance. | None. |
Domain | List | No | No | The domain names of the Container Registry Enterprise Edition instance. | By default, the Container Registry instance uses the same domain names as the container group. |
InstanceId | String | Yes | No | The ID of the Container Registry Enterprise Edition instance. | None. |
Return values
Fn::GetAtt
- ContainerGroupId: the ID of the container group.
- ContainerGroupName: the name of the container group.
- SecurityGroupId: the ID of the security group.
- Ipv6Address: the IPv6 address.
- InternetIp: the public IP address.
- RegionId: the ID of the region.
- IntranetIp: the private IP address.
- ZoneId: the ID of the zone.
- VSwitchId: the ID of the vSwitch.
- EniInstanceId: the ID of the elastic network interface (ENI).
Examples
JSON
format{ "ROSTemplateFormatVersion": "2015-09-01", "Description": "Test ECI ContainerGroup", "Parameters": { "VSwitch": { "AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId", "Type": "String", "Label": { "en": "VSwitch ID" } }, "SecurityGroup": { "Type": "String", "AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId", "Label": { "en": "Security Group ID" } } }, "Resources": { "ContainerGroup": { "Type": "ALIYUN::ECI::ContainerGroup", "Properties": { "Container": [ { "Name": "mytest", "Image": "busybox", "Cpu": 2, "Memory": 4, "Port": [ { "Port": 8080, "Protocol": "TCP" }, { "Port": 8888, "Protocol": "TCP" } ] } ], "SecurityGroupId": { "Ref": "SecurityGroup" }, "ContainerGroupName": "mytest", "VSwitchId": { "Ref": "VSwitch" }, "RestartPolicy": "Always", "SlsEnable": false, "Cpu": 2, "Memory": 4 } } }, "Outputs": { } }
For more examples, visit ContainerGroup.json and ContainerGroup.yml.