ALIYUN::ECI::ContainerGroup - Resource Orchestration Service

ALIYUN::ECI::ContainerGroup is used to create a container group. A container group is an elastic container instance.

Syntax

{
  "Type": "ALIYUN::ECI::ContainerGroup",
  "Properties": {
    "SecurityContextSysctl": List,
    "Memory": Number,
    "InitContainer": List,
    "Cpu": "Number",
    "EipInstanceId": String,
    "ContainerGroupName": String,
    "Container": List,
    "ImageSnapshotId": String,
    "DnsConfig": Map,
    "AutoMatchImageCache": Boolean,
    "Ipv6AddressCount": Integer,
    "ImageRegistryCredential": List,
    "SpotPriceLimit": Number,
    "InstanceType": String,
    "SpotStrategy": String,
    "ActiveDeadlineSeconds": Integer,
    "HostAliase": List,
    "ZoneId": String,
    "TerminationGracePeriodSeconds": Integer,
    "VSwitchId": String,
    "SecurityGroupId": String,
    "SlsEnable": Boolean,
    "RestartPolicy": String,
    "RamRoleName": String,
    "Volume": List,
    "AcrRegistryInfo": List,
    "Tag": List,
    "ResourceGroupId": String
  }
}

Properties


Property	Type	Required	Editable	Description	Constraint
EipInstanceId	String	No	No	The ID of the elastic IP address (EIP).	None.
Container	List	Yes	Yes	The containers in the container group.	For more information, see Container properties.
DnsConfig	Map	No	Yes	The configurations of Domain Name System (DNS).	For more information, see DnsConfig properties.
InitContainer	List	No	Yes	The list of init containers.	For more information, see InitContainer properties.
SecurityGroupId	String	Yes	No	The ID of the security group to which the container group belongs.	Instances in the same security group can access each other.
ContainerGroupName	String	Yes	No	The name of the container group.	None.
ZoneId	String	No	No	The ID of the zone in which you want to create the container group.	By default, this property is empty. If you do not specify this property, the system selects a zone.
Volume	List	No	Yes	The list of volumes.	You can specify up to 20 volumes. For more information, see Volume properties.
HostAliase	List	No	No	The mapping between the hostname and the IP addresses for a container in the pod.	For more information, see HostAliase properties.
RestartPolicy	String	No	Yes	The policy that you want to use to restart the container group.	Default value: Always. Valid values: Always OnFailure Never
ResourceGroupId	String	No	Yes	The ID of the resource group.	None.
Tag	List	No	Yes	The tags of the container group.	You can specify up to 20 tags for each container group. A tag is a key-value pair. The key and the value are of the String type. For more information, see Tag properties.
VSwitchId	String	Yes	No	The ID of the vSwitch. The elastic container instance that you want to create is of the virtual private cloud (VPC) type.	The number of IP addresses in the vSwitch CIDR block determines the maximum number of elastic container instances that can be created in the vSwitch. Before you create an elastic container instance, plan the CIDR block of the vSwitch.
ImageRegistryCredential	List	No	Yes	The logon information about the container image repository. The information includes the server IP address, the username, and the password.	For more information, see ImageRegistryCredential properties.
Memory	Number	No	Yes	The size of the memory.	None.
SlsEnable	Boolean	No	No	Specifies whether to enable logging.	Default value: false. Valid values: true false
SecurityContextSysctl	List	No	No	The security context of the container group.	For more information, see SecurityContext properties.
Cpu	Number	No	Yes	The number of vCPUs.	None.
ImageSnapshotId	String	No	No	The cache ID of the image or the ID of the snapshot.	None.
SpotPriceLimit	Number	No	No	The maximum hourly price of the container group.	The value of this property can contain up to three decimal places. This property takes effect only when the SpotStrategy property is set to SpotWithPriceLimit.
AutoMatchImageCache	Boolean	No	No	Specifies whether to automatically match the image cache.	None.
SpotStrategy	String	No	No	The bidding policy for the pay-as-you-go container group.	Default value: NoSpot. Valid values: NoSpot: The container group is created as a regular pay-as-you-go instance. SpotWithPriceLimit: The container group is created as a preemptible instance that has a user-defined maximum hourly price. SpotAsPriceGo: The container group is created as a preemptible instance for which the market price at the time of purchase is automatically used as the bid price.
TerminationGracePeriodSeconds	Integer	No	No	The buffer time period in which the program handles operations before the program is stopped.	Unit: seconds.
ActiveDeadlineSeconds	Integer	No	No	The validity period of the container group.	Unit: seconds.
Ipv6AddressCount	Integer	No	No	The number of IPv6 addresses.	None.
RamRoleName	String	No	No	The name of the RAM role for the container group.	You can use the RAM role to access elastic container instances and ECS instances.
AcrRegistryInfo	List	No	No	The configurations of the access credential for the Container Registry Enterprise Edition instance.	For more information, see AcrRegistryInfo properties.
InstanceType	String	No	No	The instance type.	None.

Container syntax

"Container": [
  {
    "EnvironmentVar": List,
    "Tty": Boolean,
    "SecurityContext": Map,
    "Name": String,
    "ImagePullPolicy": String,
    "Image": String,
    "Stdin": boolean,
    "WorkingDir": String,
    "LivenessProbe": Map,
    "Cpu": Number,
    "Command": List,
    "Memory": Number,
    "ReadinessProbe": Map,
    "VolumeMount": List,
    "Port": List,
    "Arg": List,
    "StdinOnce": Boolean
  }
]

Container properties


Property	Type	Required	Editable	Description	Constraint
EnvironmentVar	List	No	No	The environment variables for the container.	Each environment variable is a key-value pair. The key and the value are of the String type. The key specifies the name of a variable, and the value specifies the value of a variable. You can specify up to 100 environment variables. For more information, see EnvironmentVar properties.
Tty	Boolean	No	No	Specifies whether to allocate a TeleTYpe (TTY) terminal to the container.	Valid values: true false If you set this property to true, you must set the Stdin property to true.
SecurityContext	Map	No	No	The security context of the container group.	Set the value to true.
Name	String	Yes	No	The name of the container.	None.
ImagePullPolicy	String	No	No	The policy that you want to use to pull an image.	None.
Image	String	Yes	No	The image of the container.	None.
Stdin	Boolean	No	No	Specifies whether to allocate buffers to standard input streams in the container runtime.	Valid values: true false
WorkingDir	String	No	No	The working directory of the container.	None.
LivenessProbe	Map	No	No	The liveness probe of the container.	For more information, see LivenessProbe properties.
Cpu	Number	No	No	The number of vCPUs that you want to assign to the container.	None.
Command	List	No	No	The list of commands that you want to send to the container.	You can specify up to one command. A command is of the String type and can be up to 256 characters in length.
Memory	Number	No	No	The size of the memory that you want to allocate to the container.	Unit: GiB.
ReadinessProbe	Map	No	No	The readiness probe of the container.	For more information, see ReadinessProbe properties.
VolumeMount	List	No	No	Details of volumes that you want to mount on the container.	You can specify up to 16 volumes. For more information, see VolumeMount properties.
Port	List	No	No	The ports and protocols that you want to use for the container.	You can specify up to 100 ports. Valid values of the protocols: TCP UDP For more information, see Port properties.
Arg	List	No	No	The arguments that you want to pass to the command.	The arguments are of the String type. You can specify up to 10 arguments.
StdinOnce	Boolean	No	No	Specifies whether to close the standard input stream after the client that is connected for the first time is disconnected.	Valid values: true false

LivenessProbe syntax

"LivenessProbe": {
  "TcpSocket.Port": Integer,
  "HttpGet.Scheme": String,
  "HttpGet.Port": Integer,
  "FailureThreshold": Integer,
  "InitialDelaySeconds": Integer,
  "TimeoutSeconds": Integer,
  "SuccessThreshold": Integer,
  "Exec.Command": List,
  "PeriodSeconds": Integer,
  "HttpGet.Path": String
}

LivenessProbe properties


Property	Type	Required	Editable	Description	Constraint
TcpSocket.Port	Integer	No	No	The port to which the system sends a TCP socket request for a health check.	None.
HttpGet.Scheme	String	No	No	The protocol that you want to use to connect to the host.	Valid values: HTTP HTTPS
HttpGet.Port	Integer	No	No	The port to which the system sends an HTTP GET request for a health check.	None.
FailureThreshold	Integer	No	No	The number of times that a container must consecutively fail health checks before the probe considers the container unhealthy.	Default value: 3.
InitialDelaySeconds	Integer	No	No	The time period after the container is started and before the probe is initiated.	Unit: seconds.
TimeoutSeconds	Integer	No	No	The time period after which the probe times out. Unit: seconds.	Minimum value: 1. Default value: 1.
SuccessThreshold	Integer	No	No	The number of times that a container must consecutively pass health checks before the probe considers the container healthy.	Set the value to 1. Default value: 1.
Exec.Command	List	No	No	The commands that you want to use to run the probe for the container.	None.
PeriodSeconds	Integer	No	No	The interval at which you want to run the probe.	Unit: seconds. Minimum Value: 1. Default value: 10.
HttpGet.Path	String	No	No	The path to which the system sends an HTTP GET request for a health check.	None.

DnsConfig syntax

"DnsConfig": {
  "NameServer": List,
  "Search": List,
  "Option": List
}

DnsConfig properties


Property	Type	Required	Editable	Description	Constraint
NameServer	List	No	No	The IP addresses of the DNS servers.	None.
Search	List	No	No	The list of DNS search domains.	None.
Option	List	No	No	The list of options.	Each option consists of a name and a value. The value of each option is optional. For more information, see Option properties.

InitContainer syntax

"InitContainer": [
  {
    "EnvironmentVar": List,
    "SecurityContext": Map,
    "Name": String,
    "Image": String,
    "Arg": List,
    "WorkingDir": String,
    "Port": List,
    "Command": List,
    "Memory": Number,
    "ImagePullPolicy": String,
    "VolumeMount": List,
    "Cpu": Number
  }
]

InitContainer properties


Property	Type	Required	Editable	Description	Constraint
EnvironmentVar	List	No	No	The environment variables for the container.	Each environment variable is a key-value pair. The key and the value are of the String type. The key specifies the name of a variable, and the value specifies the value of a variable. You can specify up to 100 environment variables. Set the value to status.podIP.
SecurityContext	Map	No	No	The security context of the container group.	Set the value to true.
Name	String	No	No	The name of the container.	None.
Image	String	No	No	The image of the container.	None.
Arg	List	No	No	The arguments that you want to pass to the command.	The arguments are of the String type. You can specify up to 10 arguments.
WorkingDir	String	No	No	The working directory of the container.	None.
Port	List	No	No	The ports and protocols that you want to use for the container.	You can specify up to 100 ports. Valid values of the protocols: TCP UDP
Command	List	No	No	The list of commands that you want to send to the container.	You can specify up to one command. A command is of the String type and can be up to 256 characters in length.
Memory	Number	No	No	The size of the memory that you want to allocate to the container.	Unit: GB.
ImagePullPolicy	String	No	No	The policy that you want to use to pull an image.	None.
VolumeMount	List	No	No	Details of volumes that you want to mount on the container.	You can specify up to 16 volumes.
Cpu	Number	No	No	The number of vCPUs that you want to assign to the container.	None.

Volume syntax

"Volume": [
  {
    "NFSVolume.Path": String,
    "Name": String,
    "EmptyDirVolume.Medium": String,
    "NFSVolume.Server": String,
    "NFSVolume.ReadOnly": Boolean,
    "ConfigFileVolume.ConfigFileToPath": List,
    "Type": String
  }
]

Volume properties


Property	Type	Required	Editable	Description	Constraint
NFSVolume.Path	String	No	No	The path of the Network File System (NFS) volume.	None.
Name	String	Yes	No	The name of the volume.	None.
EmptyDirVolume.Medium	String	No	No	The storage medium.	By default, the file system on the node is used. Set the value to Memory. If you set this property to Memory, emptyDir volumes are stored in memory.
NFSVolume.Server	String	No	No	The IP address of the NFS server.	None.
NFSVolume.ReadOnly	Boolean	No	No	Specifies whether the NFS volume is read-only.	Default value: false.
ConfigFileVolume.ConfigFileToPath	List	No	No	The path of the ConfigFile volume.	For more information, see ConfigFileVolume.ConfigFileToPath properties.
Type	String	Yes	No	The type of the volume.	Valid values: EmptyDirVolume NFSVolume ConfigFileVolume

HostAliase syntax

"HostAliase": [
  {
    "Ip": String,
    "Hostname": List
  }
]

HostAliase properties


Property	Type	Required	Editable	Description	Constraint
Ip	String	No	No	The IP address.	None.
Hostname	List	No	No	The hostnames.	None.

ImageRegistryCredential syntax

"ImageRegistryCredential": [
  {
    "UserName": String,
    "Password": String,
    "Server": String
  }
]

ImageRegistryCredential properties


Property	Type	Required	Editable	Description	Constraint
UserName	String	Yes	No	The username that you want to use to log on to the image repository.	None.
Password	String	Yes	No	The password that you want to use log on to the image repository.	None.
Server	String	Yes	No	The IP address of the image repository.	The IP address cannot contain a protocol prefix, such as `http://` or `https://`.

EnvironmentVar syntax

"EnvironmentVar": {
  "Key": String,
  "Value": String,
  "FieldRef.FieldPath": String
}

EnvironmentVar properties


Property	Type	Required	Editable	Description	Constraint
Key	String	No	No	The name of the environment variable.	The name must be 1 to 128 characters in length, and can contain digits, letters, and underscores (_). The name cannot start with a digit.
Value	String	No	No	The value of the environment variable.	The value can be up to 256 characters in length.
FieldRef.FieldPath	String	No	No	The reference of the environment variable value.	Set the value to status.podIP.

SecurityContext syntax

"SecurityContext": {
  "Capability.Add": List,
  "RunAsUser": Interger,
  "ReadOnlyRootFilesystem": Boolen
}

SecurityContext properties


Property	Type	Required	Editable	Description	Constraint
Capability.Add	List	No	No	The capabilities that you want to add to the container.	Set the value to NET_ADMIN.
RunAsUser	Integer	No	No	The ID of the user.	None.
ReadOnlyRootFilesystem	Boolean	No	No	Specifies whether the root file system is read-only.	Set the value to true.

VolumeMount syntax

"VolumeMount": [
  {
    "Name": String,
    "ReadOnly": Boolen,
    "MountPath": String
  }
]

VolumeMount properties


Property	Type	Required	Editable	Description	Constraint
Name	String	No	No	The name of the volume.	The name must be the same as the value that is specified for the Name property in the "Volume properties" section of this topic.
ReadOnly	Boolean	No	No	Specifies whether the volume is read-only.	Default value: false.
MountPath	String	No	No	The path to which you want to mount the volume.	The data in the destination path is overwritten by the data in the mounted volume.

Port syntax

"Port": [
  {
    "Port": Interger,
    "Protocol": String
  }
]

Port properties


Property	Type	Required	Editable	Description	Constraint
Port	Integer	No	No	The port number.	Valid values: 1 to 65535.
Protocol	String	No	No	The protocol that you want to use for the port.	Valid values: TCP UDP

ConfigFileVolume.ConfigFileToPath syntax

"onfigFileVolume.ConfigFileToPath": [
  {
    "Content": String,
    "Path": String
  }
]

ConfigFileVolume.ConfigFileToPath properties


Property	Type	Required	Editable	Description	Constraint
Content	String	No	No	The content of the ConfigFile volume.	The configuration file can be up to 32 KB in length.
Path	String	Yes	No	The relative path of the ConfigFile volume.	You can specify the location of a directory relative to a different directory.

SecurityContextSysctl syntax

"SecurityContextSysctl": [
  {
    "Value": String,
    "Name": String
  }
]

SecurityContextSysctl properties


Property	Type	Required	Editable	Description	Constraint
Value	String	No	No	The variable value of the security context in which the container group runs.	None.
Name	String	No	No	The variable name of the security context in which the container group runs.	Valid values: kernel.msgmax kernel.shm_rmid_forced

ReadinessProbe syntax

"ReadinessProbe": {
  "TimeoutSeconds": Integer,
  "InitialDelaySeconds": Integer,
  "Exec.Command": List,
  "PeriodSeconds": Integer,
  "HttpGet.Port": Integer,
  "TcpSocket.Port": Integer,
  "FailureThreshold": Integer,
  "HttpGet.Scheme": String,
  "HttpGet.Path": String,
  "SuccessThreshold": Integer
}

ReadinessProbe properties


Property	Type	Required	Editable	Description	Constraint
FailureThreshold	Integer	No	No	The number of times that a container must consecutively fail health checks before the probe considers the container unhealthy.	Default value: 3.
HttpGet.Scheme	String	No	No	The GET request protocol.	Valid values: HTTP HTTPS
HttpGet.Path	String	No	No	The path to which the system sends an HTTP GET request for a health check.	None.
Exec.Command	List	No	No	The commands that you want to use to run the probe for the container.	None.
TcpSocket.Port	Integer	No	No	The port to which the system sends a TCP socket request for a health check.	None.
PeriodSeconds	Integer	No	No	The interval at which you want to run the probe.	Default value: 10. Minimum value: 1. Unit: seconds.
TimeoutSeconds	Integer	No	No	The duration after which the probe times out.	Default value: 10. Minimum value: 1. Unit: seconds.
InitialDelaySeconds	Integer	No	No	The time period after the container is started and before the probe is initiated.	None.
SuccessThreshold	Integer	No	No	The number of times that a container must consecutively pass health checks before the probe considers the container healthy.	Default value: 1.
HttpGet.Port	Integer	No	No	The port to which the system sends an HTTP GET request for a health check.	None.

Option syntax

"Option": [
  {
    "Name": String,
    "Value": String
  }
]

Option properties


Property	Type	Required	Editable	Description	Constraint
Name	String	No	No	The name of the option.	None.
Value	String	No	No	The value of the option.	None.

Tag syntax

"Tag": [
  {
    "Key": String,
    "Value": String
  }
]

Tag properties


Property	Type	Required	Editable	Description	Constraint
Key	String	Yes	No	The key of the tag.	None.
Value	String	No	No	The value of the tag.	None.

AcrRegistryInfo syntax

"AcrRegistryInfo": [
  {
    "RegionId": String,
    "InstanceName": String,
    "Domain": List,
    "InstanceId": String
  }
]

AcrRegistryInfo properties


Property	Type	Required	Editable	Description	Constraint
RegionId	String	No	No	The region ID of the Container Registry Enterprise Edition instance. By default, the Container Registry instance is deployed in the same region as the container group.	None.
InstanceName	String	No	No	The name of the Container Registry Enterprise Edition instance.	None.
Domain	List	No	No	The domain names of the Container Registry Enterprise Edition instance.	By default, the Container Registry instance uses the same domain names as the container group.
InstanceId	String	Yes	No	The ID of the Container Registry Enterprise Edition instance.	None.

Return values

Fn::GetAtt

ContainerGroupId: the ID of the container group.
ContainerGroupName: the name of the container group.
SecurityGroupId: the ID of the security group.
Ipv6Address: the IPv6 address.
InternetIp: the public IP address.
RegionId: the ID of the region.
IntranetIp: the private IP address.
ZoneId: the ID of the zone.
VSwitchId: the ID of the vSwitch.
EniInstanceId: the ID of the elastic network interface (ENI).

Examples

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Description: Test ECI ContainerGroup
Parameters:
  VSwitch:
    AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
    Type: String
    Label:
       
      en: VSwitch ID
  SecurityGroup:
    Type: String
    AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
    Label:
       
      en: Security Group ID
Resources:
  ContainerGroup:
    Type: ALIYUN::ECI::ContainerGroup
    Properties:
      Container:
        - Name: mytest
          Image: busybox
          Cpu: 2
          Memory: 4
          Port:
            - Port: 8080
              Protocol: TCP
            - Port: 8888
              Protocol: TCP
      SecurityGroupId:
        Ref: SecurityGroup
      ContainerGroupName: mytest
      VSwitchId:
        Ref: VSwitch
      RestartPolicy: Always
      SlsEnable: false
      Cpu: 2
      Memory: 4
Outputs: {}

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Test ECI ContainerGroup",
  "Parameters": {
    "VSwitch": {
      "AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
      "Type": "String",
      "Label": {
         
        "en": "VSwitch ID"
      }
    },
    "SecurityGroup": {
      "Type": "String",
      "AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
      "Label": {
         
        "en": "Security Group ID"
      }
    }
  },
  "Resources": {
    "ContainerGroup": {
      "Type": "ALIYUN::ECI::ContainerGroup",
      "Properties": {
        "Container": [
          {
            "Name": "mytest",
            "Image": "busybox",
            "Cpu": 2,
            "Memory": 4,
            "Port": [
              {
                "Port": 8080,
                "Protocol": "TCP"
              },
              {
                "Port": 8888,
                "Protocol": "TCP"
              }
            ]
          }
        ],
        "SecurityGroupId": {
          "Ref": "SecurityGroup"
        },
        "ContainerGroupName": "mytest",
        "VSwitchId": {
          "Ref": "VSwitch"
        },
        "RestartPolicy": "Always",
        "SlsEnable": false,
        "Cpu": 2,
        "Memory": 4
      }
    }
  },
  "Outputs": {
  }
}

For more examples, visit ContainerGroup.json and ContainerGroup.yml.