How to use the ALIYUN::CS::ASKCluster resource type to create an ACK Serverless cluster - Resource Orchestration Service

The ALIYUN::CS::ASKCluster resource type creates an ACK Serverless cluster.

Syntax

{
  "Type": "ALIYUN::CS::ASKCluster",
  "Properties": {
    "KubernetesVersion": String,
    "EndpointPublicAccess": Boolean,
    "ZoneId": String,
    "ResourceGroupId": String,
    "VSwitchIds": List,
    "SecurityGroupId": String,
    "Addons": List,
    "DeletionProtection": Boolean,
    "ClusterSpec": String,
    "Name": String,
    "EncryptionProviderKey": String,
    "TimeZone": String,
    "ServiceDiscoveryTypes": List,
    "VpcId": String,
    "ServiceCidr": String,
    "SnatEntry": Boolean,
    "Tags": List,
    "PrivateZone": Boolean,
    "DeleteOptions": List,
    "MaintenanceWindow": Map,
    "IpStack": String
  }
}

Properties

Property	Type	Required	Updatable	Description	Constraints
KubernetesVersion	String	No	Yes	The version of the cluster.	None
EndpointPublicAccess	Boolean	No	No	Specifies whether to enable public access to the API server.	Valid values: true (default): Enables public access to the API server. false: Disables public access. If you set this parameter to false, you cannot access the API server of the cluster from the Internet.
ZoneId	String	No	No	The zone ID of the region where the cluster is located.	When you create an ACK Serverless cluster, if you do not specify `VpcId` and `VSwitchIds`, you must specify `ZoneId` for the cluster. This allows the system to automatically create virtual private cloud (VPC) resources in the specified zone.
ResourceGroupId	String	No	Yes	The ID of the resource group to which the cluster belongs.	None
VSwitchIds	List	No	No	A list of vSwitch IDs where the cluster nodes are located.	You can specify up to three vSwitches. Note This parameter is required when you create an ACK managed cluster with no nodes.
SecurityGroupId	String	No	No	The ID of the security group to which the ECS instances in the cluster belong.	None
Addons	List	No	No	A list of cluster components.	None
DeletionProtection	Boolean	No	Yes	Specifies whether to enable deletion protection for the cluster. This prevents the cluster from being accidentally deleted in the console or by calling an API operation.	Valid values: true: Enables deletion protection. You cannot delete the cluster in the console or by calling an API operation. false (default): Disables deletion protection. You can delete the cluster in the console or by calling an API operation.
DeleteOptions	List	No	Yes	The deletion options for resources that are associated with the cluster.	For more information, see DeleteOptions properties.
ClusterSpec	String	No	No	The type of the ACK managed cluster.	Valid values: ack.pro.small: ACK Pro cluster. ack.standard (default): Standard ACK cluster. Note If you leave this parameter empty, a standard ACK cluster is created. For more information, see Overview of ACK Pro clusters.
Name	String	Yes	No	The name of the cluster.	The name must be 1 to 63 characters in length. It can contain digits, Chinese characters, letters, and hyphens (-). It cannot start with a hyphen (-).
TimeZone	String	No	No	The time zone of the cluster.	None
EncryptionProviderKey	String	No	No	The ID of the key that is managed by Key Management Service (KMS).	This key is used to encrypt data disks. You can use KMS only in ACK Pro clusters.
ServiceDiscoveryTypes	List	No	No	The service discovery types in the cluster. This parameter specifies the service discovery method in an ACK Serverless cluster.	Valid values: CoreDNS: Uses CoreDNS, the standard service discovery component of Kubernetes. You need to deploy a set of containers for DNS parsing. By default, two ECI instances of 0.25 vCPU and 512 MiB of memory are used. PrivateZone: Uses Alibaba Cloud PrivateZone to provide service discovery. You need to enable PrivateZone. This feature is disabled by default.
VpcId	String	No	No	The VPC used by the cluster.	None
ServiceCidr	String	No	No	The CIDR block for services.	The CIDR block can be `10.0.0.0/16-24`, `172.16-31.0.0/16-24`, or `192.168.0.0/16-24`. The CIDR block cannot overlap with the VPC CIDR block `10.1.0.0/21` or the CIDR blocks of existing Kubernetes clusters in the VPC. You cannot change the CIDR block after the cluster is created. Note The default CIDR block is `172.19.0.0/20`.
SnatEntry	Boolean	No	No	Specifies whether to configure an SNAT rule for the VPC.	Valid values: true (default): A NAT Gateway is created and an SNAT rule is automatically configured. Set this parameter to true if nodes or applications in your cluster need to access the Internet. false: A NAT Gateway and an SNAT rule are not created. In this mode, nodes and applications in the cluster cannot access the Internet. Note If you do not enable this feature when you create the cluster, you can manually enable it later if your business requires Internet access. For more information, see Enable Internet access for a cluster.
Tags	List	No	Yes	The node labels.	Tag definition rules: Tags are case-sensitive key-value pairs. You can specify up to 20 tags. The tag key cannot be a duplicate. It can be up to 64 characters in length. The tag value can be empty and can be up to 128 characters in length. The tag key and tag value cannot start with `aliyun`, `acs:`, `https://`, or `http://`. For more information, see Labels and Selectors.
PrivateZone	Boolean	No	No	Specifies whether to enable the PrivateZone service.	Valid values: true: Enables the PrivateZone service. false: Disables the PrivateZone service.
MaintenanceWindow	Map	No	Yes	The maintenance window of the cluster.	For more information, see MaintenanceWindow properties.
IpStack	String	No	No	The IP stack of the cluster.	Valid values: ipv4 ipv6

MaintenanceWindow syntax

"MaintenanceWindow": {
  "Enable": Boolean,
  "MaintenanceTime": String,
  "Duration": String,
  "WeeklyPeriod": String,
  "Recurrence": String
}

MaintenanceWindow properties

Property	Type	Required	Updatable	Description	Constraints
Enable	Boolean	No	Yes	Specifies whether to enable the maintenance window.	Valid values: `true`: Enables the maintenance window. `false`: Disables the maintenance window. Default value: `false`.
MaintenanceTime	String	No	Yes	The start time of the maintenance.	RFC3339 format.
Duration	String	No	Yes	The duration of the maintenance.	The value must be in the range of [1, 24]. Unit: hours. Default value: 3h.
WeeklyPeriod	String	No	Yes	The maintenance period.	Separate multiple values with commas (,). Valid values: {Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday} Default value: `Thursday`.
Recurrence	String	No	Yes	The recurrence rule for the maintenance window, defined using the RFC5545 Recurrence Rule syntax.	Currently, only FREQ=WEEKLY is supported. COUNT and UNTIL are not supported.

Addons syntax

"Addons": [
  {
    "Config": String,
    "Disabled": Boolean,
    "Name": String,
    "Version": String
  }
]

Addons properties

Property	Type	Required	Allowing updates	Description	Constraints
Config	String	No	No	The component configuration.	None
Disabled	Boolean	No	No	Specifies whether to disable default installation.	When a cluster is created, in addition to the required components, some other components such as logging components are installed. You can disable this default behavior and install these components later by calling the component installation API or in the console. Valid values: true: Disables default installation. false: Allows default installation.
Name	String	Yes	No	The name of the component.	None
Version	String	No	No	The version of the component.	If you leave this parameter empty, the latest version is selected by default.

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

Property	Type	Required	Updatable	Description	Constraints
Value	String	No	No	The value of the tag.	None
Key	String	Yes	No	Tag Value	None

DeleteOptions syntax

"DeleteOptions": [
  {
    "DeleteMode": String,
    "ResourceType": String
  }
]

DeleteOptions properties

Property

Type

Required

Updatable

Description

Constraints

DeleteMode

String

Yes

The deletion policy for this type of resource.

Valid values:

delete: Deletes this type of resource.
retain: Retains this type of resource.

ResourceType

String

Yes

The resource type.

Valid values:

SLB: The SLB resource created by a service. By default, this resource is deleted. You can choose to retain it.
ALB: The ALB resource created by the ALB Ingress controller. By default, this resource is retained. You can choose to delete it.
SLS_Data: The Simple Log Service (SLS) project used by the cluster logging feature. By default, this resource is retained. You can choose to delete it.
SLS_ControlPlane: The SLS project used by the control plane logs of the ACK managed cluster. By default, this resource is retained. You can choose to delete it.
PrivateZone: The PrivateZone resource created by the ACK Serverless cluster. By default, this resource is retained. You can choose to delete it.

Return values

Fn::GetAtt

TaskId: The ID of the task.
ClusterId: The ID of the cluster.
APIServerSLBId: The ID of the API server SLB.
ScalingGroupId: The ID of the scaling group.
ScalingRuleId: The ID of the scaling rule.
DefaultUserKubeConfig: The default Kubernetes configuration used to configure cluster credentials.
WorkerRamRoleName: The name of the worker node RAM role.
ScalingConfigurationId: The ID of the scaling configuration.
PrivateUserKubConfig: The private Kubernetes configuration used to configure cluster credentials.
Nodes: A list of cluster nodes.
IngressSLBId: The ID of the Ingress SLB.

Examples

YAML

ROSTemplateFormatVersion: '2015-09-01'
Description: Test creating an ASKCluster
Parameters: {}
Resources:
  VSwitch:
    Type: ALIYUN::ECS::VSwitch
    Properties:
      VSwitchName: mytest
      VpcId:
        Ref: Vpc
      CidrBlock: 192.168.1.0/24
      ZoneId:
        Fn::Select:
          - '0'
          - Fn::GetAZs:
              Ref: ALIYUN::Region
  Vpc:
    Type: ALIYUN::ECS::VPC
    Properties:
      VpcName: mytest
      CidrBlock: 192.168.0.0/16
  ASKCluster:
    Type: ALIYUN::CS::ASKCluster
    Properties:
      VpcId:
        Ref: Vpc
      ClusterSpec: ack.pro.small
      Name: mytest
      VSwitchIds:
        - Ref: VSwitch
Outputs:
  ClusterId:
    Value:
      Fn::GetAtt:
        - ASKCluster
        - ClusterId
  TaskId:
    Value:
      Fn::GetAtt:
        - ASKCluster
        - TaskId

JSON

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Test creating an ASKCluster",
  "Parameters": {},
  "Resources": {
    "VSwitch": {
      "Type": "ALIYUN::ECS::VSwitch",
      "Properties": {
        "VSwitchName": "mytest",
        "VpcId": {
          "Ref": "Vpc"
        },
        "CidrBlock": "192.168.1.0/24",
        "ZoneId": {
          "Fn::Select": [
            "0",
            {
              "Fn::GetAZs": {
                "Ref": "ALIYUN::Region"
              }
            }
          ]
        }
      }
    },
    "Vpc": {
      "Type": "ALIYUN::ECS::VPC",
      "Properties": {
        "VpcName": "mytest",
        "CidrBlock": "192.168.0.0/16"
      }
    },
    "ASKCluster": {
      "Type": "ALIYUN::CS::ASKCluster",
      "Properties": {
        "VpcId": {
          "Ref": "Vpc"
        },
        "ClusterSpec": "ack.pro.small",
        "Name": "mytest",
        "VSwitchIds": [
          {
            "Ref": "VSwitch"
          }
        ]
      }
    }
  },
  "Outputs": {
    "ClusterId": {
      "Value": {
        "Fn::GetAtt": [
          "ASKCluster",
          "ClusterId"
        ]
      }
    },
    "TaskId": {
      "Value": {
        "Fn::GetAtt": [
          "ASKCluster",
          "TaskId"
        ]
      }
    }
  }
}