All Products
Search

This Product

    Resource Orchestration Service:ALIYUN::CS::ASKCluster

    Document Center

    Resource Orchestration Service:ALIYUN::CS::ASKCluster

    Last Updated:Jul 02, 2024

    ALIYUN::CS::ASKCluster is used to create a serverless Kubernetes (ASK) cluster.

    Syntax

    {
  "Type": "ALIYUN::CS::ASKCluster",
  "Properties": {
    "KubernetesVersion": String,
    "EndpointPublicAccess": Boolean,
    "ZoneId": String,
    "ResourceGroupId": String,
    "VSwitchIds": List,
    "SecurityGroupId": String,
    "Addons": List,
    "DeletionProtection": Boolean,
    "ClusterSpec": String,
    "Name": String,
    "TimeZone": String,
    "ServiceDiscoveryTypes": List,
    "VpcId": String,
    "ServiceCidr": String,
    "SnatEntry": Boolean,
    "Tags": List,
    "PrivateZone": Boolean
  }
}

    Properties

    Property

    Type

    Required

    Editable

    Description

    Constraint

    KubernetesVersion

    String

    No

    No

    The version of the cluster.

    None.

    EndpointPublicAccess

    Boolean

    No

    No

    Specifies whether to allow the cluster to access the API server over the Internet.

    Valid values:

    • true (default)

    • false

    ZoneId

    String

    No

    No

    The ID of the zone that belongs to the region of the cluster.

    If you do not specify VpcId and VSwitchIds when you create an ASK cluster, you must specify ZoneId for the cluster to automatically create virtual private cloud (VPC) resources in the zone.

    ResourceGroupId

    String

    No

    Yes

    The ID of the resource group to which the cluster belongs.

    None.

    VSwitchIds

    List

    No

    No

    The IDs of the vSwitches to which the nodes in the cluster are connected.

    You can specify up to three vSwitches.

    Note

    You must specify this property when you create a Container Service for Kubernetes (ACK) managed cluster that does not contain nodes.

    SecurityGroupId

    String

    No

    No

    The ID of the security group to which the Elastic Compute Service (ECS) instances in the cluster belong.  

    None.

    Addons

    List

    No

    No

    The components in the cluster.

    None.

    DeletionProtection

    Boolean

    No

    No

    Specifies whether to enable deletion protection to prevent the cluster from being deleted in the ACK console or by calling specific ACK API operations.

    Valid values:

    • true

    • false (default)

    ClusterSpec

    String

    No

    No

    The type of the ACK managed cluster.

    Valid values:

    • ack.pro.small: ACK Pro cluster

    • ack.standard (default): ACK standard cluster

    Note

    If you leave this property empty, an ACK standard cluster is created.

    For more information, see Overview of ACK Pro clusters.

    Name

    String

    Yes

    No

    The cluster name.

    The name must be 1 to 63 characters in length, and can contain digits, letters, and hyphens (-). It cannot start with a hyphen (-).

    TimeZone

    String

    No

    No

    The time zone of the cluster.

    None.

    ServiceDiscoveryTypes

    List

    No

    No

    The method for implementing service discovery in the cluster.

    Valid values:

    • CoreDNS: CoreDNS, which is a standard service discovery plug-in that is provided by open source Kubernetes. You must provision pods for Domain Name System (DNS) resolution. By default, two elastic container instances are used. The specifications of each instance are 0.25 vCPUs and 512 MiB of memory.

    • PrivateZone: Alibaba Cloud DNS PrivateZone, which is a service that is provided by Alibaba Cloud. You must activate Alibaba Cloud DNS PrivateZone before you use it to implement service discovery.

    VpcId

    String

    No

    No

    The VPC of the cluster.

    None.

    ServiceCidr

    String

    No

    No

    The Service CIDR block.

    Valid values: 10.0.0.0/16-24, 172.16-31.0.0/16-24, and 192.168.0.0/16-24. The Service CIDR block cannot overlap with the VPC CIDR block 10.1.0.0/21 or the CIDR blocks of existing ACK clusters in the VPC. You cannot change the Service CIDR block after you create the cluster.

    Note

    By default, 172.19.0.0/20 is used as the Service CIDR block.

    SnatEntry

    Boolean

    No

    No

    Specifies whether to configure SNAT rules for the VPC.

    Valid values:

    • true (default): If you set this property to true, the system creates a NAT gateway and configures SNAT rules. You must use this value if nodes and applications in the cluster need to access the Internet.

    • false: If you set this property to false, the system does not create a NAT gateway or configure SNAT rules. In this case, nodes and applications in the cluster cannot access the Internet.

    Note

    If you set this property to false when you create the cluster, you can manually enable Internet access to meet your business requirements after you create the cluster. For more information, see Enable an existing ACK cluster to access the Internet.

    Tags

    List

    No

    Yes

    The tags that you want to add to the nodes.

    You must add tags based on the following rules:

    • Each tag is a case-sensitive key-value pair. You can add up to 20 tags.

    • A key must be unique and can be up to 64 characters in length. A value can be an empty string or up to 128 characters in length. Keys and values cannot start with aliyun, acs:, https://, or http://. For more information, see Labels and Selectors.

    PrivateZone

    Boolean

    No

    No

    Specifies whether to enable Alibaba Cloud DNS PrivateZone.

    Valid values:

    • true

    • false

    Addons syntax

    "Addons": [
  {
    "Config": String,
    "Disabled": Boolean,
    "Name": String
  }
]

    Addons properties

    Property

    Type

    Required

    Editable

    Description

    Constraint

    Config

    String

    No

    No

    The configurations of the component.

    None.

    Disabled

    Boolean

    No

    No

    Specifies whether to disable default installation.

    In addition to the required components, specific optional components, such as Simple Log Service (SLS) components, are also installed by default when you create a cluster. You can configure this property to disable the default installation of optional components. You can install the optional component in the ACK console or by calling specific ACK API operations after the cluster is created.

    Valid values:

    • true

    • false

    Name

    String

    Yes

    No

    The component name.

    None.

    Tags syntax

    "Tags": [
  {
    "Value": String,
    "Key": String
  }
]

    Tags properties

    Property

    Type

    Required

    Editable

    Description

    Constraint

    Value

    String

    No

    No

    The tag key.

    None.

    Key

    String

    Yes

    No

    The tag value.

    None.

    Return values

    Fn::GetAtt

    • TaskId: the task ID.

    • ClusterId: the cluster ID.

    • APIServerSLBId: the ID of the Server Load Balancer (SLB) instance that is associated with the API server.

    • ScalingGroupId: the ID of the scaling group.

    • ScalingRuleId: the ID of the scaling rule.

    • DefaultUserKubeConfig: the default configurations of user credentials for the cluster.

    • WorkerRamRoleName: the name of the Resource Access Management (RAM) role for the worker nodes.

    • ScalingConfigurationId: the ID of the scaling configuration.

    • PrivateUserKubConfig: the private configurations of user credentials for the cluster.

    • Nodes: the nodes in the cluster.

    • IngressSLBId: the ID of the SLB Ingress.

    Examples

    YAML format

    ROSTemplateFormatVersion: '2015-09-01'
Description: Test Create ASKCluster
Parameters: {}
Resources:
  VSwitch:
    Type: ALIYUN::ECS::VSwitch
    Properties:
      VSwitchName: mytest
      VpcId:
        Ref: Vpc
      CidrBlock: 192.168.1.0/24
      ZoneId:
        Fn::Select:
          - '0'
          - Fn::GetAZs:
              Ref: ALIYUN::Region
  Vpc:
    Type: ALIYUN::ECS::VPC
    Properties:
      VpcName: mytest
      CidrBlock: 192.168.0.0/16
  ASKCluster:
    Type: ALIYUN::CS::ASKCluster
    Properties:
      VpcId:
        Ref: Vpc
      ClusterSpec: ack.pro.small
      Name: mytest
      VSwitchIds:
        - Ref: VSwitch
Outputs:
  ClusterId:
    Value:
      Fn::GetAtt:
        - ASKCluster
        - ClusterId
  TaskId:
    Value:
      Fn::GetAtt:
        - ASKCluster
        - TaskId

    JSON format

    {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Test Create ASKCluster",
  "Parameters": {},
  "Resources": {
    "VSwitch": {
      "Type": "ALIYUN::ECS::VSwitch",
      "Properties": {
        "VSwitchName": "mytest",
        "VpcId": {
          "Ref": "Vpc"
        },
        "CidrBlock": "192.168.1.0/24",
        "ZoneId": {
          "Fn::Select": [
            "0",
            {
              "Fn::GetAZs": {
                "Ref": "ALIYUN::Region"
              }
            }
          ]
        }
      }
    },
    "Vpc": {
      "Type": "ALIYUN::ECS::VPC",
      "Properties": {
        "VpcName": "mytest",
        "CidrBlock": "192.168.0.0/16"
      }
    },
    "ASKCluster": {
      "Type": "ALIYUN::CS::ASKCluster",
      "Properties": {
        "VpcId": {
          "Ref": "Vpc"
        },
        "ClusterSpec": "ack.pro.small",
        "Name": "mytest",
        "VSwitchIds": [
          {
            "Ref": "VSwitch"
          }
        ]
      }
    }
  },
  "Outputs": {
    "ClusterId": {
      "Value": {
        "Fn::GetAtt": [
          "ASKCluster",
          "ClusterId"
        ]
      }
    },
    "TaskId": {
      "Value": {
        "Fn::GetAtt": [
          "ASKCluster",
          "TaskId"
        ]
      }
    }
  }
}