
Resource Orchestration Service: ALIYUN::ACS::Cluster

Last Updated: Dec 04, 2025

The ALIYUN::ACS::Cluster resource creates a Container Service for Kubernetes (ACK) cluster.

Syntax

{
  "Type": "ALIYUN::ACS::Cluster",
  "Properties": {
    "Name": String,
    "Addons": List,
    "ClusterSpec": String,
    "DeletionProtection": Boolean,
    "EndpointPublicAccess": Boolean,
    "IpStack": String,
    "KubernetesVersion": String,
    "LoggingType": String,
    "LoadBalancerSpec": String,
    "MaintenanceWindow": Map,
    "PodVSwitchIds": List,
    "ResourceGroupId": String,
    "ServiceDiscoveryTypes": List,
    "IsEnterpriseSecurityGroup": Boolean,
    "SlsProjectName": String,
    "ServiceCidr": String,
    "SnatEntry": Boolean,
    "TimeZone": String,
    "ComputeClass": String,
    "Tags": List,
    "VSwitchIds": List,
    "VpcId": String,
    "PodPostpaidSpec": Map,
    "DeleteOptions": List
  }
}

Properties

| Property | Type | Required | Allow updates | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| Name | String | Yes | No | The name of the cluster. | The cluster name can contain uppercase letters, lowercase letters, Chinese characters, digits, and hyphens. |
| Addons | List | No | No | The components to install in the cluster. | For more information, see Addons properties. |
| ClusterSpec | String | No | No | The specification of the ACK managed cluster. | Valid values: • ack.pro.small: professional managed cluster (ACK Pro cluster). • ack.standard: standard managed cluster. Default value: ack.pro.small. |
| DeletionProtection | Boolean | No | Yes | Specifies whether to enable deletion protection for the cluster. | After you enable deletion protection, you cannot delete the cluster in the ACK console or by calling API operations. Valid values: • true: enables deletion protection for the cluster. • false: disables deletion protection for the cluster. Default value: false. |
| EndpointPublicAccess | Boolean | No | No | Specifies whether to enable public access to the API server. | Valid values: • true: The public API server is accessible. • false: A public API server is not created. Only a private API server is created. Default value: false. |
| IpStack | String | No | No | The IP stack of the cluster. | None. |
| KubernetesVersion | String | No | No | The Kubernetes version of the cluster. | None. |
| LoggingType | String | No | No | The log type of the cluster. | By default, Simple Log Service is not used. |
| LoadBalancerSpec | String | No | No | The specification of the Server Load Balancer instance. | Valid values: slb.s1.small, slb.s2.small, slb.s2.medium, slb.s3.small, slb.s3.medium, slb.s3.large. |
| MaintenanceWindow | Map | No | No | The maintenance window of the cluster. | For more information, see MaintenanceWindow properties. |
| PodVSwitchIds | List | No | No | The configurations of the vSwitches that are designed for pods. | You must specify the PodVSwitchIds parameter when you select the Terway network plug-in for the cluster. Note: • For each vSwitch that is assigned to a node, you must specify at least one pod vSwitch in the same zone. The pod vSwitch is used to connect pods within a node and ensure network communication. The pod vSwitch is different from the node vSwitch that is used for internode or external communication. • The pod vSwitch cannot be the same as the node vSwitch. This ensures isolation and hierarchical division in the network architecture and helps improve system security and management efficiency. • Set the subnet mask length of the CIDR block for the pod vSwitch to 19 or less. |
| ResourceGroupId | String | No | Yes | The ID of the resource group. | None. |
| ServiceDiscoveryTypes | List | No | No | The service discovery types in the cluster. | The service discovery method for the serverless Kubernetes (ASK) cluster. Valid values: • CoreDNS: a standard service discovery plug-in that is provided by open source Kubernetes. You need to deploy a set of containers in the cluster for DNS resolution. By default, two ECI instances are provisioned, each with 0.25 CPU cores and 512 MiB of memory. • PrivateZone: To use Alibaba Cloud PrivateZone for service discovery, enable the PrivateZone service. Default value: Disabled. |
| SlsProjectName | String | No | No | The name of the SLS project. | If you set LoggingType to SLS and leave SlsProjectName empty, a new project is created. |
| ServiceCidr | String | No | No | The service CIDR block. The service CIDR block cannot conflict with the VPC CIDR block or the container CIDR block. | When the system automatically creates a VPC, the 172.19.0.0/20 CIDR block is used by default. |
| SnatEntry | Boolean | No | No | Specifies whether to configure SNAT for the network. | If the VPC can access the Internet, set this parameter to false. If the existing VPC cannot access the Internet: • true: SNAT is configured and the VPC can access the Internet. • false: SNAT is not configured and the VPC cannot access the Internet. Default value: true. |
| IsEnterpriseSecurityGroup | Boolean | No | No | Specifies whether to create an enterprise security group. | Valid values: • true: An enterprise security group is created. An enterprise security group is required for a cluster that has Terway installed. • false (default): An enterprise security group is not created. |
| ComputeClass | String | No | No | The compute class of the cluster. | This parameter is used only for the parameter query of ZoneIds and is not used during the actual creation. |
| TimeZone | String | No | No | The time zone of the cluster. | None. |
| Tags | List | No | Yes | The tags to add to the cluster. | For more information, see Tags properties. |
| VSwitchIds | List | No | No | The list of vSwitch IDs. | If you leave this property empty, the system automatically creates a vSwitch. Note: You must specify both the VpcId and VSwitchIds properties, or leave both properties empty. |
| VpcId | String | No | No | The ID of the VPC. | None. |
| ZoneIds | List | No | No | The list of zone IDs. | None. |
| PodPostpaidSpec | Map | No | Yes | The details of the pay-as-you-go pod specification. | For more information, see PodPostpaidSpec properties. |
| DeleteOptions | List | No | Yes | The delete options. This parameter is applicable only when you delete resources. | For more information, see DeleteOptions properties. |

Addons syntax

"Addons": [
  {
    "Config": String,
    "Disabled": Boolean,
    "Name": String,
    "Version": String
  }
]

Addons properties

| Property | Type | Required | Allow updates | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| Name | String | Yes | No | The name of the component. | None. |
| Config | String | No | No | The configuration of the component. | If you leave this parameter empty, no configuration is required. |
| Disabled | Boolean | No | No | Specifies whether to disable default installation. | None. |
| Version | String | No | No | The version of the component. | If you leave this parameter empty, the latest version is selected by default. |

MaintenanceWindow syntax

"MaintenanceWindow": {
  "MaintenanceTime": String,
  "WeeklyPeriod": String,
  "Enable": Boolean,
  "Duration": String
}

MaintenanceWindow properties

| Property | Type | Required | Allow updates | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| Duration | String | No | No | The duration of the maintenance window. | None. |
| Enable | Boolean | No | No | Specifies whether to enable the maintenance window. | None. |
| MaintenanceTime | String | No | No | The maintenance time of the maintenance window. | None. |
| WeeklyPeriod | String | No | No | The weekly cycle of the maintenance window. | Valid values: Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday. |

PodPostpaidSpec syntax

"PodPostpaidSpec": 
  {
    "CpuCore": Integer,
    "Replicas": Integer,
    "MemGib": Integer,
    "GpuQuantityConfigs": Map
  }

PodPostpaidSpec properties

| Property | Type | Required | Allow updates | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| CpuCore | Integer | No | Yes | The number of CPU cores. | None. |
| Replicas | Integer | No | Yes | The number of replicas. | None. |
| MemGib | Integer | No | Yes | The memory size of the GPU. | None. |
| GpuQuantityConfigs | Map | No | Yes | The GPU specification module. | For more information, see GpuQuantityConfigs properties. |

GpuQuantityConfigs syntax

"GpuQuantityConfigs": 
  {
    "GpuQuantity": Integer,
    "GpuModel": String,
    "Arch": String,
    "ComputeQos": String
  }

GpuQuantityConfigs properties

| Property | Type | Required | Allow updates | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| GpuQuantity | Integer | No | Yes | The number of GPUs. | None. |
| GpuModel | String | No | Yes | The GPU model. | None. |
| Arch | String | No | Yes | The GPU architecture. | None. |
| ComputeQos | String | No | Yes | The Quality of Service (QoS) of GPU computing. | None. |

DeleteOptions syntax

"DeleteOptions": [
  {
    "DeleteMode": String,
    "ResourceType": String
  }
]

DeleteOptions properties

| Property | Type | Required | Allow updates | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| DeleteMode | String | No | Yes | The deletion policy for this type of resource. | Valid values: • delete: deletes this type of resource. • retain: retains this type of resource. |
| ResourceType | String | No | Yes | The resource type. | Valid values: • SLB: SLB resources that are created by a service. By default, these resources are deleted. You can choose to retain them. • ALB: ALB resources that are created by an ALB Ingress controller. By default, these resources are retained. You can choose to delete them. • SLS_Data: The Simple Log Service project that is used for the cluster logging feature. By default, this resource is retained. You can choose to delete it. • SLS_ControlPlane: The Simple Log Service project that is used for the control plane logs of a managed cluster. By default, this resource is retained. You can choose to delete it. • PrivateZone: The PrivateZone resources that are created by a serverless Kubernetes (ASK) cluster. By default, these resources are retained. You can choose to delete them. |

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

| Property | Type | Required | Allow updates | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| Key | String | Yes | No | The tag key. | None. |
| Value | String | No | No | The tag value. | None. |

Return values

Fn::GetAtt

  • TaskId: The ID of the task. The system automatically assigns this ID, which you can use to query the task status.

  • ClusterId: The ID of the cluster instance.

  • APIServerSLBId: The ID of the SLB instance for the API server.

  • ScalingGroupId: The ID of the scaling group.

  • IngressSLBId: The ID of the Ingress SLB instance.

  • ScalingRuleId: The ID of the scaling rule.

  • DefaultUserKubeConfig: The default Kubernetes user configuration that is used to configure cluster credentials.

  • WorkerRamRoleName: The name of the worker RAM role.

  • ScalingConfigurationId: The ID of the scaling configuration.

  • PrivateUserKubConfig: The private Kubernetes user configuration that is used to configure cluster credentials.

  • Nodes: The list of nodes in the cluster.

Examples

YAML format:

ROSTemplateFormatVersion: '2015-09-01'
Metadata: {}
Parameters: {}
Resources:
  Cluster:
    Type: ALIYUN::ACS::Cluster
    Properties:
      Name: test
      EndpointPublicAccess: false
      ServiceCidr: 172.19.0.0/20
      ClusterSpec: ack.pro.small
      SnatEntry: true
Outputs: {}

JSON format:

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Metadata": {
  },
  "Parameters": {
  },
  "Resources": {
    "Cluster": {
      "Type": "ALIYUN::ACS::Cluster",
      "Properties": {
        "Name": "test",
        "EndpointPublicAccess": false,
        "ServiceCidr": "172.19.0.0/20",
        "ClusterSpec": "ack.pro.small",
        "SnatEntry": true
      }
    }
  },
  "Outputs": {
  }
}
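
A pre-deployment check for the properties documented above, as an added example (not code from the original page or from Alibaba Cloud): it walks a ROS template in JSON form and flags ALIYUN::ACS::Cluster settings that depart from the constraints and defaults this page states. The finding codes, the sample vSwitch IDs and the separately supplied vSwitch-to-CIDR map are assumptions made for the example, and property values are assumed to be literals rather than Ref or Fn:: expressions.

```python
import ipaddress
import json

# Constructed template: the page's JSON example with weak settings added for the linter to flag.
SAMPLE = json.loads("""
{"ROSTemplateFormatVersion": "2015-09-01",
 "Resources": {"Cluster": {"Type": "ALIYUN::ACS::Cluster", "Properties": {
   "Name": "test", "EndpointPublicAccess": true, "ServiceCidr": "172.19.0.0/20",
   "VSwitchIds": ["vsw-node-a"], "PodVSwitchIds": ["vsw-node-a", "vsw-pod-a"],
   "DeleteOptions": [{"ResourceType": "SLS_ControlPlane", "DeleteMode": "delete"}]}}}}
""")
# Constructed vSwitch ID -> CIDR map; a template carries only IDs, so CIDRs are passed in.
SAMPLE_CIDRS = {"vsw-node-a": "10.0.0.0/24", "vsw-pod-a": "10.0.32.0/19"}

def lint_cluster(props, vswitch_cidrs=None):
    """Return (code, message) findings for one ALIYUN::ACS::Cluster Properties map."""
    # Assumption: property values are literals, not Ref / Fn:: expressions.
    out = []
    if props.get("DeletionProtection", False) is not True:  # documented default: false
        out.append(("DELETION_PROTECTION_OFF", "cluster can be deleted from the console or API"))
    if props.get("EndpointPublicAccess", False) is True:  # documented default: false
        out.append(("PUBLIC_API_SERVER", "a public API server is created"))
    if props.get("LoggingType") != "SLS":
        out.append(("NO_SLS_LOGGING", "LoggingType is not SLS, so Simple Log Service is not used"))
    if bool(props.get("VpcId")) != bool(props.get("VSwitchIds")):
        out.append(("VPC_VSWITCH_MISMATCH", "specify both VpcId and VSwitchIds, or neither"))
    pod_ids = props.get("PodVSwitchIds") or []
    for vsw in sorted(set(pod_ids) & set(props.get("VSwitchIds") or [])):
        out.append(("POD_VSWITCH_REUSED", f"{vsw} is listed as both node and pod vSwitch"))
    for vsw in pod_ids:
        cidr = (vswitch_cidrs or {}).get(vsw)
        if cidr and ipaddress.ip_network(cidr).prefixlen > 19:
            out.append(("POD_VSWITCH_MASK", f"{vsw} ({cidr}) has a mask longer than 19"))
    for opt in props.get("DeleteOptions") or []:
        if opt.get("ResourceType") in ("SLS_Data", "SLS_ControlPlane") and opt.get("DeleteMode") == "delete":
            out.append(("LOGS_DELETED", f"{opt['ResourceType']} project is deleted with the cluster"))
    return out

def lint_template(template, vswitch_cidrs=None):
    """Map each ALIYUN::ACS::Cluster logical ID in a ROS template to its finding codes."""
    return {name: [code for code, _ in lint_cluster(res.get("Properties", {}), vswitch_cidrs)]
            for name, res in template.get("Resources", {}).items()
            if res.get("Type") == "ALIYUN::ACS::Cluster"}

if __name__ == "__main__":
    for name, res in SAMPLE["Resources"].items():
        for code, msg in lint_cluster(res["Properties"], SAMPLE_CIDRS):
            print(f"{name}: {code}: {msg}")
```

Run against the page's own example template, the check reports only the missing deletion protection and the unset LoggingType.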