Tipe resource ALIYUN::CS::ManagedKubernetesCluster digunakan untuk membuat kluster ACK yang dikelola.
Sintaksis
{
"Type": "ALIYUN::CS::ManagedKubernetesCluster",
"Properties": {
"CloudMonitorFlags": Boolean,
"ProxyMode": String,
"SnatEntry": Boolean,
"VpcId": String,
"Tags": List,
"LoginPassword": String,
"ContainerCidr": String,
"Name": String,
"Taint": List,
"KeyPair": String,
"Addons": List,
"ServiceCidr": String,
"KubernetesVersion": String,
"SecurityGroupId": String,
"EndpointPublicAccess": Boolean,
"RrsaConfig": Map,
"ClusterSpec": String,
"TimeoutMins": Number,
"PodVswitchIds": List,
"EncryptionProviderKey": String,
"Runtime": Map,
"SocEnabled": Boolean,
"UserData": String,
"OsType": String,
"IsEnterpriseSecurityGroup": Boolean,
"Platform": String,
"LoadBalancerSpec": String,
"FormatDisk": Boolean,
"NodeCidrMask": String,
"KeepInstanceName": Boolean,
"DeletionProtection": Boolean,
"ResourceGroupId": String,
"NodePools": List,
"NodeNameMode": String,
"SecurityHardeningOs": Boolean,
"DeleteOptions": List,
"ControlPlaneLogComponents": List,
"ControlPlaneLogTtl": Number,
"ControlPlaneLogProject": String,
"MaintenanceWindow": Map,
"ZoneIds": List,
"VSwitchIds": List,
"TimeZone": String,
"IpStack": String
}
}Properti
Nama Properti | Type | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
Name | String | Ya | Tidak | Nama kluster. | Panjang: 1 hingga 63 karakter. Dapat berisi huruf, karakter Tionghoa, angka, dan tanda hubung (-). |
VpcId | String | Ya | Tidak | ID virtual private cloud (VPC). | Jika tidak diatur, sistem secara otomatis membuat VPC dengan blok CIDR 192.168.0.0/16. Atur |
Addons | List | Tidak | Ya | Kombinasi plugin Addon untuk kluster Kubernetes. | Nilai:
Untuk informasi lebih lanjut, lihat Properti Addons. |
SecurityHardeningOs | Boolean | Tidak | Tidak | Penguatan keamanan sistem operasi Alibaba Cloud. | Nilai:
Default: false. |
CloudMonitorFlags | Boolean | Tidak | Tidak | Instal Agen CloudMonitor. | Nilai:
|
ClusterSpec | String | Tidak | Tidak | Jenis kluster ACK yang dikelola. | Nilai:
|
ContainerCidr | String | Tidak | Tidak | Blok CIDR kontainer. | Tidak boleh bertentangan dengan blok CIDR VPC. Jika sistem membuat VPC secara otomatis, blok CIDR default yang digunakan adalah 172.16.0.0/16. |
DeletionProtection | Boolean | Tidak | Ya | Aktifkan perlindungan penghapusan. | Jika diaktifkan, Anda tidak dapat langsung menghapus kluster. Nilai:
|
EncryptionProviderKey | String | Tidak | Tidak | ID kunci yang dikelola oleh Key Management Service (KMS). | Kunci ini mengenkripsi disk data. Gunakan KMS hanya pada kluster Kubernetes profesional yang dikelola. |
EndpointPublicAccess | Boolean | Tidak | Tidak | Aktifkan akses jaringan publik untuk server API. | Nilai:
|
FormatDisk | Boolean | Tidak | Tidak | Apakah Anda ingin memasang disk data ke node yang dibuat dalam instans ECS yang ada? | Nilai:
|
RrsaConfig | Map | Tidak | Tidak | Konfigurasi RRSA. | Untuk informasi lebih lanjut, lihat Properti RrsaConfig. |
IsEnterpriseSecurityGroup | Boolean | Tidak | Tidak | Buat kelompok keamanan tingkat lanjut. | Parameter ini berlaku ketika SecurityGroupId kosong. Nilai:
|
KeepInstanceName | Boolean | Tidak | Tidak | Pertahankan nama instans ECS yang ada yang digunakan dalam kluster. | Nilai:
|
KeyPair | String | Tidak | Tidak | Nama pasangan kunci. | Tentukan KeyPair atau LoginPassword. |
KubernetesVersion | String | Tidak | Ya | Versi kluster, konsisten dengan versi baseline komunitas Kubernetes. Pilih versi terbaru. | Anda dapat membuat kluster dengan dua versi terbaru. Untuk informasi lebih lanjut tentang versi Kubernetes yang didukung ACK, lihat Ikhtisar Rilis Versi Kubernetes (Offline). |
LoadBalancerSpec | String | Tidak | Tidak | Tipe instans SLB. | Nilai:
|
LoginPassword | String | Tidak | Tidak | Password logon SSH. | Panjang: 8 hingga 30 karakter. Harus mencakup huruf, angka, dan karakter khusus. Karakter khusus yang didukung adalah Catatan Tentukan LoginPassword atau KeyPair. |
NodeCidrMask | String | Tidak | Tidak | Jumlah maksimum alamat IP yang dapat ditetapkan ke sebuah node. | Jumlah tersebut bergantung pada CIDR pod yang ditentukan. Parameter ini hanya berlaku ketika kluster menggunakan Plugin Flannel. Default: 25. |
NodeNameMode | String | Tidak | Tidak | Kustomisasi nama node. | Nama node terdiri dari tiga bagian: awalan + substring alamat IP node + akhiran.
Contohnya, jika alamat IP node adalah 192.168.XX.XX, awalan adalah |
NodePools | List | Tidak | Tidak | Informasi kelompok node. | Untuk informasi lebih lanjut, lihat Properti NodePools. |
OsType | String | Tidak | Tidak | Jenis sistem operasi. | Nilai:
|
Platform | String | Tidak | Tidak | Versi rilis sistem operasi. | Nilai:
|
PodVswitchIds | List | Tidak | Tidak | Daftar vSwitch Pod. | Tentukan setidaknya satu vSwitch Pod di zona yang sama untuk setiap vSwitch node. vSwitch Pod tidak boleh sama dengan vSwitch node. Pilih vSwitch dengan mask blok CIDR tidak lebih besar dari 19. Catatan Ketika daftar kluster (Addons) diatur ke komponen jaringan dan jenis jaringan Terway digunakan, Anda harus menentukan PodVswitchIds untuk kluster. |
ProxyMode | String | Tidak | Tidak | Mode kube-proxy. | Nilai:
|
ResourceGroupId | String | Tidak | Ya | ID kelompok resource tempat kluster berada. | Tidak ada |
Runtime | Map | Tidak | Tidak | Runtime kontainer. | Runtime mencakup dua informasi berikut:
Contoh: Untuk informasi lebih lanjut tentang pemilihan runtime kontainer, lihat Perbandingan runtime containerd, kontainer sandbox, dan Docker. Untuk informasi lebih lanjut, lihat Properti Runtime. |
SecurityGroupId | String | Tidak | Tidak | ID grup keamanan tempat instans ECS kluster berada. | Tidak ada |
ServiceCidr | String | Tidak | Tidak | Blok CIDR layanan. | Tidak boleh bertentangan dengan blok CIDR VPC atau blok CIDR kontainer. Jika sistem membuat VPC secara otomatis, blok CIDR default yang digunakan adalah 172.19.0.0/20. |
SnatEntry | Boolean | Tidak | Tidak | Apakah SNAT dikonfigurasi untuk jaringan? | Nilai:
|
SocEnabled | Boolean | Tidak | Tidak | Aktifkan penguatan perlindungan bertingkat. | Nilai:
|
Tags | List | Tidak | Ya | Tag kluster. | Atur hingga 20 grup tag. Untuk informasi lebih lanjut, lihat Properti Tags. |
Taint | List | Tidak | Tidak | Taint node, biasanya untuk kebijakan penjadwalan Pod. | Jika sebuah Pod memiliki toleransi yang cocok dengan taint node, Pod tersebut dapat dijadwalkan ke node tersebut. |
TimeoutMins | Number | Tidak | Tidak | Timeout pembuatan kluster. | Default: 60. Unit: menit. |
UserData | String | Tidak | Tidak | Data pengguna yang dilewatkan saat membuat instans ECS. | Konten harus berada dalam batas 16 KB. Tidak perlu encoding Base64. Gunakan karakter escape untuk karakter khusus. |
DeleteOptions | List | Tidak | Ya | Opsi penghapusan untuk resource yang terkait dengan kluster. | Untuk informasi lebih lanjut, lihat Properti DeleteOptions. |
ControlPlaneLogTtl | Number | Tidak | Ya | Jumlah hari untuk menyimpan log komponen lapisan kontrol. | Tidak ada |
ControlPlaneLogComponents | List | Tidak | Ya | Daftar nama komponen. | Tentukan log komponen lapisan kontrol mana yang akan dikumpulkan. Kumpulkan log dari komponen apiserver, kcm, dan scheduler secara default. |
ControlPlaneLogProject | String | Tidak | Ya | Proyek Simple Log Service untuk log komponen lapisan kontrol. | Gunakan proyek yang sudah ada untuk penyimpanan log, atau biarkan sistem membuatnya secara otomatis. Jika Anda memilih pembuatan otomatis, sistem membuat proyek Simple Log Service bernama |
MaintenanceWindow | Map | Tidak | Ya | Konfigurasi jendela pemeliharaan kluster. | Untuk informasi lebih lanjut, lihat Properti MaintenanceWindow. |
VSwitchIds | List | Ya | Tidak | vSwitch yang terikat ke node pekerja. | Tidak ada |
ZoneIds | List | Tidak | Tidak | Daftar zona. | Tidak ada |
TimeZone | String | Tidak | Tidak | Zona waktu kluster. | Tidak ada |
IpStack | String | Tidak | Tidak | Tumpukan protokol IP kluster. | Nilai:
|
Sintaksis NodePools
"NodePools": [
{
"ScalingGroup": Map,
"KubernetesConfig": Map,
"NodePoolInfo": Map
}
]Properti NodePools
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
ScalingGroup | Map | Ya | Tidak | Konfigurasi grup penskalaan kelompok node. | Untuk informasi lebih lanjut, lihat Properti ScalingGroup. |
KubernetesConfig | Map | Tidak | Tidak | Konfigurasi terkait kluster. | Untuk informasi lebih lanjut, lihat Properti KubernetesConfig. |
NodePoolInfo | Map | Tidak | Tidak | Konfigurasi kelompok node. | Untuk informasi lebih lanjut, lihat Properti NodePoolInfo. |
Sintaksis ScalingGroup
"ScalingGroup": {
"InstancePatterns": List,
"SocEnabled": Boolean,
"ImageType": String,
"SecurityHardeningOs": Boolean,
"RdsInstances": List,
"IsEnterpriseSecurityGroup": Boolean,
"VSwitchIds": List,
"InternetMaxBandwidthOut": Integer,
"DataDisks": List,
"Period": Integer,
"InternetChargeType": String,
"KeyPair": String,
"SystemDiskPerformanceLevel": String,
"ImageId": String,
"InstanceTypes": List,
"SystemDiskCategory": String,
"PeriodUnit": String,
"LoginPassword": String,
"InstanceChargeType": String,
"SystemDiskSize": Integer,
"Tags": List,
"ZoneIds": List,
"DesiredSize": Integer
}Properti ScalingGroup
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
InstanceTypes | List | Tidak | Tidak | Tipe instans. | Tidak ada |
SystemDiskSize | Integer | Ya | Tidak | Ukuran disk sistem node. | Unit: GiB. Rentang: 40 hingga 500. |
VSwitchIds | List | Tidak | Tidak | Daftar ID vSwitch. | Tidak ada |
SocEnabled | Boolean | Tidak | Tidak | Aktifkan penguatan perlindungan bertingkat. | Nilai:
|
ImageType | String | Tidak | Tidak | Jenis gambar sistem operasi. | Tidak ada |
InstancePatterns | List | Tidak | Tidak | Konfigurasi properti instans. | Untuk informasi lebih lanjut, lihat Properti InstancePatterns. |
SecurityHardeningOs | Boolean | Tidak | Tidak | Penguatan keamanan OS Alibaba Cloud. | Nilai:
Default: |
DesiredSize | Integer | Tidak | Tidak | Jumlah node yang diinginkan dalam kelompok node. | Tidak ada |
DataDisks | List | Tidak | Tidak | Konfigurasi disk data kelompok node. | Untuk informasi lebih lanjut, lihat Properti DataDisks. |
ImageId | String | Tidak | Tidak | ID gambar kustom. | Menggunakan gambar yang disediakan sistem secara default. |
InstanceChargeType | String | Tidak | Tidak | Metode penagihan untuk node dalam kelompok node. | Nilai:
|
InternetChargeType | String | Tidak | Tidak | Metode penagihan untuk alamat IP publik. | Nilai:
|
InternetMaxBandwidthOut | Integer | Tidak | Tidak | Bandwidth keluar maksimum untuk alamat IP publik node. | Unit: Mbps. Rentang: 1 hingga 100. |
IsEnterpriseSecurityGroup | Boolean | Tidak | Tidak | Buat kelompok keamanan tingkat enterprise secara otomatis. | Nilai:
|
KeyPair | String | Tidak | Tidak | Nama pasangan kunci untuk logon tanpa password. | Pilih properti KeyPair atau LoginPassword. |
LoginPassword | String | Tidak | Tidak | Password logon SSH. | Pilih KeyPair atau LoginPassword. Aturan password: 8 hingga 30 karakter, harus mencakup huruf kapital, huruf kecil, angka, dan karakter khusus. |
Period | Integer | Tidak | Tidak | Durasi langganan untuk node dalam kelompok node. | Properti ini berlaku dan wajib ketika InstanceChargeType diatur ke PrePaid. Ketika period_unit diatur ke Month, rentang periode: {1, 2, 3, 6, 12}. Default: 1. |
PeriodUnit | String | Tidak | Tidak | Siklus penagihan untuk node dalam kelompok node. | Tentukan periode ketika InstanceChargeType diatur ke PrePaid. Month: Satuan waktu yang setara dengan satu bulan kalender. |
RdsInstances | List | Tidak | Tidak | ID instans ApsaraDB RDS. | Tidak ada |
SystemDiskCategory | String | Tidak | Tidak | Jenis disk sistem node. | Nilai:
|
SystemDiskPerformanceLevel | String | Tidak | Tidak | Tingkat kinerja disk sistem node. | Hanya berlaku untuk disk ESSD. |
Tags | List | Tidak | Tidak | Tambahkan tag hanya ke instans ECS. | Untuk informasi lebih lanjut, lihat Properti Tags. |
ZoneIds | List | Tidak | Tidak | Daftar zona. | Tidak ada |
Sintaksis DataDisks
"DataDisks": [
{
"AutoSnapshotPolicyId": String,
"Encrypted": Boolean,
"Size": Integer,
"Category": String,
"PerformanceLevel": String,
"Categories": List
}
]Properti DataDisks
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
AutoSnapshotPolicyId | String | Tidak | Tidak | Pilih ID kebijakan snapshot otomatis. | Disk cloud secara otomatis dibackup sesuai kebijakan snapshot. |
Category | String | Tidak | Tidak | Jenis disk data. | Nilai:
|
Encrypted | Boolean | Tidak | Tidak | Menentukan apakah disk data dienkripsi. | Nilai:
|
PerformanceLevel | String | Tidak | Tidak | Tingkat kinerja disk data node. | Hanya berlaku untuk disk ESSD. Tingkat kinerja disk terkait dengan ukuran disk. Untuk informasi lebih lanjut, lihat enterprise SSD. |
Size | Integer | Tidak | Tidak | Ukuran disk data. | Unit: GiB. Rentang: 40 hingga 32768. Default: 120. |
Categories | List | Tidak | Tidak | Daftar jenis disk data. | Tidak ada |
Sintaksis KubernetesConfig
"KubernetesConfig": {
"Runtime": String,
"RuntimeVersion": String,
"CpuPolicy": String,
"Labels": List,
"NodeNameMode": String,
"Taints": List
}Properti KubernetesConfig
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
Runtime | String | Ya | Tidak | Runtime kontainer. | Tidak ada |
RuntimeVersion | String | Ya | Tidak | Versi runtime kontainer. | Tidak ada |
CpuPolicy | String | Tidak | Tidak | Kebijakan manajemen CPU node. | Dua kebijakan berikut didukung ketika versi kluster 1.12.6 atau lebih baru:
|
Labels | List | Tidak | Tidak | Label node. | Tambahkan label ke node kluster Kubernetes. Untuk informasi lebih lanjut, lihat Properti Labels. |
NodeNameMode | String | Tidak | Tidak | Kustomisasi nama node. | Nama node terdiri dari tiga bagian: awalan + substring alamat IP node + akhiran.
Contohnya, jika alamat IP node adalah 192.168.XX.XX, awalan adalah |
Taints | List | Tidak | Tidak | Konfigurasi taint. | Untuk informasi lebih lanjut, lihat Properti Taints. |
Sintaksis RrsaConfig
"RrsaConfig":
{
"Enabled": Boolean
}Properti RrsaConfig
Nama Properti | Tipe | Wajib | Izinkan Pembaruan | Deskripsi | Batasan |
Enabled | Boolean | Ya | Tidak | Aktifkan fitur RAM role untuk akun layanan (RRSA). | Nilai:
|
Sintaksis InstancePatterns
"InstancePatterns": [
{
"CpuArchitectures": List,
"MaxCpuCores": Integer,
"MinMemorySize": Integer,
"Memory": Integer,
"InstanceFamilyLevel": String,
"MinCpuCores": Integer,
"Cores": Integer,
"InstanceTypeFamilies": List,
"InstanceCategories": List,
"ExcludedInstanceTypes": List,
"MaxMemorySize": Integer
}
]Properti InstancePatterns
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
CpuArchitectures | List | Tidak | Tidak | Arsitektur CPU instans. | Nilai:
|
MaxCpuCores | Integer | Tidak | Tidak | Jumlah maksimum core vCPU untuk tipe instans. | Tidak ada |
MinMemorySize | Integer | Tidak | Tidak | Ukuran memori minimum untuk tipe instans. | Unit: GiB. |
Memory | Integer | Tidak | Tidak | Ukuran memori untuk tipe instans. | Unit: GiB. |
InstanceFamilyLevel | String | Tidak | Tidak | Tingkat keluarga instans. | Tidak ada |
MinCpuCores | Integer | Tidak | Tidak | Jumlah minimum core vCPU untuk tipe instans. | Tidak ada |
Cores | Integer | Tidak | Tidak | Jumlah core vCPU untuk tipe instans. | Tidak ada |
InstanceTypeFamilies | List | Tidak | Tidak | Tentukan keluarga instans. | Tidak ada |
InstanceCategories | List | Tidak | Tidak | Kategorisasi instans. | Tidak ada |
ExcludedInstanceTypes | List | Tidak | Tidak | Tipe instans yang dikecualikan. | Tidak ada |
MaxMemorySize | Integer | Tidak | Tidak | Ukuran memori maksimum untuk tipe instans. | Unit: GiB. |
Sintaksis Labels
"Labels": {
"Value": String,
"Key": String
}Properti Labels
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
Key | String | Ya | Tidak | Kunci tag. | Tidak ada |
Value | String | Ya | Tidak | Nilai tag. | Tidak ada |
Sintaksis Taints
"Taints": [{
"Value": String,
"Effect": String,
"Key": String
}]Properti Taints
Nama Properti | Type | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
Key | String | Ya | Tidak | Nama taint. | Tidak ada |
Value | String | Ya | Tidak | Nilai taint. | Tidak ada |
Effect | String | Tidak | Tidak | Kebijakan penjadwalan. |
|
Sintaksis NodePoolInfo
"NodePoolInfo": {
"Name": String,
"Type": String,
"ResourceGroupId": String
}Properti NodePoolInfo
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
ResourceGroupId | String | Tidak | Ya | Kelompok resource tempat kelompok node berada. | Tidak ada |
Name | String | Ya | Tidak | Nama kelompok node. | Tidak ada |
Type | String | Tidak | Tidak | Jenis kelompok node. | Nilai:
|
Sintaksis MaintenanceWindow
"MaintenanceWindow": {
"Enable": Boolean,
"MaintenanceTime": String,
"Duration": String,
"WeeklyPeriod": String,
"Recurrence": String
}Properti MaintenanceWindow
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
Duration | String | Tidak | Ya | Durasi pemeliharaan. | Rentang: [1, 24]. Unit: jam. Default: 3h. |
Enable | Boolean | Tidak | Ya | Aktifkan jendela pemeliharaan. | Nilai:
Default: |
MaintenanceTime | String | Tidak | Ya | Waktu mulai pemeliharaan. | Format standar RFC3339. |
WeeklyPeriod | String | Tidak | Ya | Periode pemeliharaan. | Pisahkan beberapa nilai dengan koma (,). Nilai: {Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday} Default: |
Recurrence | String | Tidak | Ya | Aturan pengulangan untuk jendela pemeliharaan, didefinisikan menggunakan sintaks Aturan Pengulangan RFC5545. | Saat ini hanya mendukung FREQ=WEEKLY. Tidak mendukung penentuan COUNT atau UNTIL. |
Sintaksis Tags
"Tags": [
{
"Key": String,
"Value": String
}
]Properti Tags
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
Key | String | Ya | Tidak | Kunci tag. | Panjang: 1 hingga 64 karakter. Tidak boleh dimulai dengan |
Value | String | Ya | Tidak | Nilai tag. | Panjang: 0 hingga 128 karakter. Tidak boleh dimulai dengan |
Sintaksis Addons
"Addons": [
{
"Version": String,
"Config": String,
"Name": String,
"Disabled": Boolean
}
]Properti Addons
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
Name | String | Ya | Tidak | Nama plugin Addon. | Tidak ada |
Config | String | Tidak | Ya | Konfigurasi plugin Addon. | Tidak ada |
Disabled | Boolean | Tidak | Tidak | Nonaktifkan instalasi default? | Nilai:
|
Version | String | Tidak | Tidak | Versi plugin Addon. | Menggunakan versi terbaru secara default. |
Sintaksis DeleteOptions
"DeleteOptions": [
{
"DeleteMode": String,
"ResourceType": String
}
]Properti DeleteOptions
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
DeleteMode | String | Tidak | Ya | Kebijakan penghapusan untuk tipe resource ini. | Nilai:
|
ResourceType | String | Tidak | Ya | Jenis resource. | Nilai:
|
Sintaksis Runtime
"Runtime": {
"Name": String,
"Version": String
}Properti Runtime
Nama Properti | Tipe | Wajib | Dapat Diperbarui | Deskripsi | Batasan |
Name | String | Ya | Tidak | Nama runtime kontainer. | ACK mendukung tiga runtime kontainer berikut.
Default: |
Version | String | Tidak | Tidak | Versi runtime kontainer. | Default ke versi terbaru. Untuk informasi lebih lanjut, lihat Catatan Rilis Runtime Kontainer Sandbox. |
Nilai Pengembalian
Fn::GetAtt
ClusterId: ID kluster.
TaskId: ID tugas. Sistem menetapkannya secara otomatis sehingga pengguna dapat mengkueri status tugas.
DefaultUserKubeConfig: Konfigurasi Kubernetes default untuk kredensial kluster pengguna.
ScalingRuleId: ID aturan penskalaan.
ScalingGroupId: ID grup penskalaan.
PrivateUserKubConfig: Konfigurasi Kubernetes pribadi untuk kredensial kluster pengguna.
ScalingConfigurationId: ID konfigurasi penskalaan.
Nodes: Daftar node kluster.
APIServerSLBId: ID Server Load Balancer server API.
IngressSLBId: ID Server Load Balancer Ingress.
WorkerRamRoleName: Nama role RAM worker.
Contoh
Skenario 1: Buat kluster ACK yang dikelola.
ROSTemplateFormatVersion: '2015-09-01'
Description: Test Create ManagedKubernetesCluster
Parameters: {}
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
VpcName: mytest
CidrBlock: 192.168.0.0/16
VSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
VSwitchName: mytest
VpcId:
Ref: Vpc
ZoneId:
Fn::Select:
- '0'
- Fn::GetAZs:
Ref: ALIYUN::Region
CidrBlock: 192.168.1.0/24
ManagedKubernetesCluster:
Type: ALIYUN::CS::ManagedKubernetesCluster
Properties:
VSwitchIds:
- Ref: VSwitch
VpcId:
Ref: Vpc
ClusterSpec: ack.pro.small
LoginPassword: Admin@123!
Name: mytest
Outputs:
ClusterId:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- ClusterId
TaskId:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- TaskId {
"ROSTemplateFormatVersion": "2015-09-01",
"Description": "Test Create ManagedKubernetesCluster",
"Parameters": {
},
"Resources": {
"Vpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"VpcName": "mytest",
"CidrBlock": "192.168.0.0/16"
}
},
"VSwitch": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": "mytest",
"VpcId": {
"Ref": "Vpc"
},
"ZoneId": {
"Fn::Select": [
"0",
{
"Fn::GetAZs": {
"Ref": "ALIYUN::Region"
}
}
]
},
"CidrBlock": "192.168.1.0/24"
}
},
"ManagedKubernetesCluster": {
"Type": "ALIYUN::CS::ManagedKubernetesCluster",
"Properties": {
"VSwitchIds": [
{
"Ref": "VSwitch"
}
],
"VpcId": {
"Ref": "Vpc"
},
"ClusterSpec": "ack.pro.small",
"LoginPassword": "Admin@123!",
"Name": "mytest"
}
}
},
"Outputs": {
"ClusterId": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"ClusterId"
]
}
},
"TaskId": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"TaskId"
]
}
}
}
}Skenario 2: Membuat kluster ACK Dedicated (dalam VPC).
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: Configure billing methods on the existing VPC, vSwitches, and security groups. Then, create a Kubernetes cluster that includes worker nodes, network settings, and monitoring plugins.
en: Configure billing methods on the existing VPC, switches, and security groups, then proceed to create a Kubernetes cluster inclusive of worker nodes, network configurations, and monitoring plugins.
Parameters:
PayType:
Type: String
Label:
en: ECS Instance Charge Type
zh-cn: ECS Instance Charge Type
AssociationProperty: ChargeType
AssociationPropertyMetadata:
LocaleKey: InstanceChargeType
Default: PostPaid
AllowedValues:
- PostPaid
- PrePaid
PayPeriodUnit:
Type: String
Label:
en: Pay Period Unit
zh-cn: Pay Period Unit
AssociationProperty: PayPeriodUnit
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Not:
Fn::Equals:
- ${PayType}
- PostPaid
Default: Month
AllowedValues:
- Month
- Year
PayPeriod:
Type: Number
Label:
en: Period
zh-cn: Period
AssociationProperty: PayPeriod
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Not:
Fn::Equals:
- ${PayType}
- PostPaid
Default: 1
AllowedValues:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
VpcId:
Type: String
Label:
en: VPC ID
zh-cn: VPC ID
AssociationProperty: ALIYUN::ECS::VPC::VPCId
ZoneId:
Type: String
Label:
en: Zone ID
zh-cn: Zone ID
AssociationProperty: ALIYUN::ECS::Instance:ZoneId
VSwitchId:
Type: String
Label:
en: VSwitch ID
zh-cn: VSwitch ID
AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
AssociationPropertyMetadata:
VpcId: ${VpcId}
ZoneId: ${ZoneId}
SecurityGroupId:
Type: String
Label:
en: Business Security Group ID
zh-cn: Business Security Group ID
AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
AssociationPropertyMetadata:
VpcId: ${VpcId}
NumOfNodes:
Type: Number
Label:
zh-cn: Number of worker nodes
en: Number of Worker instances
Default: 3
PodCidr:
Type: String
Label:
zh-cn: Pod Network CIDR
en: Pod Network CIDR
Description:
zh-cn: Enter a valid private CIDR block. Examples include 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and their subnets.<br/>The CIDR block cannot overlap with the CIDR block of the VPC or the CIDR blocks of existing Kubernetes clusters in the VPC. <font color='blue'><b>This setting cannot be changed after the cluster is created.</font>
en: 'Enter a valid private CIDR block. Examples include 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and their subnets.<br/>The CIDR block cannot overlap with the CIDR block of the VPC or the CIDR blocks of existing Kubernetes clusters in the VPC. <font color=''blue''><b>This setting cannot be changed after the cluster is created.</font>'
AssociationProperty: ALIYUN::CS::ManagedKubernetesCluster::PodCidr
Default: 172.20.0.0/16
ServiceCidr:
Type: String
Label:
zh-cn: Service CIDR
en: Service CIDR
Description:
zh-cn: Enter a valid CIDR block with a prefix length from 16 to 24. The CIDR block must be within one of the following private network ranges: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.<br/>The CIDR block cannot overlap with the CIDR block of the VPC or the CIDR blocks of existing Kubernetes clusters in the VPC. <font color='blue'><b>This setting cannot be changed after the cluster is created.</font>
en: 'Enter a valid CIDR block with a prefix length from 16 to 24. The CIDR block must be within one of the following private network ranges: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.<br/>The CIDR block cannot overlap with the CIDR block of the VPC or the CIDR blocks of existing Kubernetes clusters in the VPC. <font color=''blue''><b>This setting cannot be changed after the cluster is created.</font>'
AssociationProperty: ALIYUN::CS::ManagedKubernetesCluster::ServiceCidr
Default: 172.21.0.0/20
SnatEntry:
Type: Boolean
Label:
zh-cn: Configure SNAT
en: Configure SNAT
Description:
zh-cn: Configure SNAT for the virtual private cloud (VPC).<br/>If resources in your cluster, such as nodes and applications, need to access the public network, select this option. A NAT Gateway is created and SNAT rules are configured for you automatically. <b><a href='https://www.alibabacloud.com/help/en/doc-detail/48126.html' target='_blank'><font color='blue'>NAT Gateway pricing</font></a>
en: Configure SNAT for the virtual private cloud (VPC).<br/>If resources in your cluster, such as nodes and applications, need to access the public network, select this option. A NAT Gateway is created and SNAT rules are configured for you automatically. <b><a href='https://www.alibabacloud.com/help/en/doc-detail/48126.html' target='_blank'><font color='blue'>NAT Gateway pricing</font></a>
Default: true
EndpointPublicAccess:
Type: Boolean
Label:
en: Public Access
zh-cn: Public Access
Description:
en: Expose the API server using an elastic IP address (EIP).<br/>By default, an internal-facing Server Load Balancer (SLB) instance is created for the API server. If you delete this instance, the API server becomes inaccessible.<br><font color='blue'><b>If you do not enable public access, you cannot access the cluster API server from the public network.</font>
zh-cn: Expose the API server using an elastic IP address (EIP).<br/>By default, an internal-facing Server Load Balancer (SLB) instance is created for the API server. If you delete this instance, the API server becomes inaccessible.<br><font color='blue'><b>If you do not enable public access, you cannot access the cluster API server from the public network.</font>
Default: false
CloudMonitorFlag:
Type: Boolean
Label:
zh-cn: Monitoring plugin
en: Monitor Plug-in
Description:
zh-cn: Install the CloudMonitor agent on the ECS nodes.
en: Install the CloudMonitor agent on the ECS nodes.
Default: true
WorkerInstanceTypes:
Type: CommaDelimitedList
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
AssociationPropertyMetadata:
InstanceChargeType: ${PayPeriod}
ZoneId: ${ZoneId}
Label:
en: Instance Type
zh-cn: Instance Type
WorkerSystemDiskSize:
Type: Number
Label:
zh-cn: Worker node system disk size
en: Worker System Disk Space
Description:
zh-cn: The size of the system disk, in GB. Valid values: 40 to 500.
en: 'The size of the system disk, in GB. Valid values: 40 to 500.'
Default: 40
MinValue: 40
MaxValue: 500
WorkerSystemDiskCategory:
Type: String
Label:
en: Worker System Disk Category
zh-cn: Worker node system disk category
AssociationPropertyMetadata:
LocaleKey: DiskCategory
Default: cloud_essd
AllowedValues:
- cloud_efficiency
- cloud_ssd
- cloud_essd
LoginPassword:
Type: String
NoEcho: true
Label:
en: Instance Password
zh-cn: Instance Password
Description:
en: The password must be 8 to 30 characters in length and contain characters from at least three of the following categories: uppercase letters, lowercase letters, digits, and special characters. The supported special characters are ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
zh-cn: The password must be 8 to 30 characters in length and contain characters from at least three of the following categories: uppercase letters, lowercase letters, digits, and special characters. The supported special characters are ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
ConstraintDescription:
en: The password must be 8 to 30 characters in length and contain characters from at least three of the following categories: uppercase letters, lowercase letters, digits, and special characters. The supported special characters are ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
zh-cn: The password must be 8 to 30 characters in length and contain characters from at least three of the following categories: uppercase letters, lowercase letters, digits, and special characters. The supported special characters are ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
AssociationProperty: ALIYUN::ECS::Instance::Password
Resources:
NodePools:
Type: ALIYUN::CS::ClusterNodePool
Properties:
ClusterId:
Ref: ManagedKubernetesCluster
NodePoolInfo:
Name: default-nodepool
ScalingGroup:
Period:
Ref: PayPeriod
PeriodUnit:
Ref: PayPeriodUnit
InstanceChargeType:
Ref: PayType
VSwitchIds:
- Ref: VSwitchId
ZoneIds:
- Ref: ZoneId
SystemDiskCategory:
Ref: WorkerSystemDiskCategory
SystemDiskSize:
Ref: WorkerSystemDiskSize
InstanceTypes:
Ref: WorkerInstanceTypes
LoginPassword:
Ref: LoginPassword
Platform: AliyunLinux
ImageId: aliyun_3_9_x64_20G_alibase_20231219.vhd
KubernetesConfig:
Runtime: containerd
RuntimeVersion: 1.6.28
Count:
Ref: NumOfNodes
ManagedKubernetesCluster:
Type: ALIYUN::CS::ManagedKubernetesCluster
Properties:
VpcId:
Ref: VpcId
VSwitchIds:
- Ref: VSwitchId
SecurityGroupId:
Ref: SecurityGroupId
ZoneIds:
- Ref: ZoneId
ClusterSpec: ack.pro.small
ContainerCidr:
Ref: PodCidr
ServiceCidr:
Ref: ServiceCidr
LoginPassword:
Ref: LoginPassword
SnatEntry:
Ref: SnatEntry
Addons:
- Name: flannel
Config: ''
CloudMonitorFlags:
Ref: CloudMonitorFlag
ProxyMode: IPVS
EndpointPublicAccess:
Ref: EndpointPublicAccess
Name:
Ref: ALIYUN::StackName
Outputs:
ClusterId:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- ClusterId
TaskId:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- TaskId
WorkerRamRoleName:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- WorkerRamRoleName
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- PayType
- PayPeriodUnit
- PayPeriod
Label:
default:
en: PayType Configuration
zh-cn: PayType Configuration
- Parameters:
- VpcId
- ZoneId
- VSwitchId
- SecurityGroupId
Label:
default:
zh-cn: Infrastructure Configuration (Required)
en: Infrastructure Configuration (Required)
- Parameters:
- NumOfNodes
- PodCidr
- ServiceCidr
- SnatEntry
- EndpointPublicAccess
- CloudMonitorFlag
- WorkerInstanceTypes
- WorkerSystemDiskSize
- WorkerSystemDiskCategory
- LoginPassword
Label:
default:
zh-cn: Kubernetes Basic Configuration (Required)
en: Kubernetes Basic Configuration (Required)
TemplateTags:
- acs:example:ISV Software Deployment:Create ACK Dedicated Cluster (Existing VPC)
{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": {
"zh-cn": "Configure billing methods on the existing VPC, vSwitches, and security groups. Then, create a Kubernetes cluster that includes worker nodes, network settings, and monitoring plugins.",
"en": "Configure billing methods on the existing VPC, switches, and security groups, then proceed to create a Kubernetes cluster inclusive of worker nodes, network configurations, and monitoring plugins."
},
"Parameters": {
"PayType": {
"Type": "String",
"Label": {
"en": "ECS Instance Charge Type",
"zh-cn": "ECS Instance Charge Type"
},
"AssociationProperty": "ChargeType",
"AssociationPropertyMetadata": {
"LocaleKey": "InstanceChargeType"
},
"Default": "PostPaid",
"AllowedValues": [
"PostPaid",
"PrePaid"
]
},
"PayPeriodUnit": {
"Type": "String",
"Label": {
"en": "Pay Period Unit",
"zh-cn": "Pay Period Unit"
},
"AssociationProperty": "PayPeriodUnit",
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Not": {
"Fn::Equals": [
"${PayType}",
"PostPaid"
]
}
}
}
},
"Default": "Month",
"AllowedValues": [
"Month",
"Year"
]
},
"PayPeriod": {
"Type": "Number",
"Label": {
"en": "Period",
"zh-cn": "Period"
},
"AssociationProperty": "PayPeriod",
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Not": {
"Fn::Equals": [
"${PayType}",
"PostPaid"
]
}
}
}
},
"Default": 1,
"AllowedValues": [
1,
2,
3,
4,
5,
6,
7,
8,
9
]
},
"VpcId": {
"Type": "String",
"Label": {
"en": "VPC ID",
"zh-cn": "VPC ID"
},
"AssociationProperty": "ALIYUN::ECS::VPC::VPCId"
},
"ZoneId": {
"Type": "String",
"Label": {
"en": "Zone ID",
"zh-cn": "Zone ID"
},
"AssociationProperty": "ALIYUN::ECS::Instance:ZoneId"
},
"VSwitchId": {
"Type": "String",
"Label": {
"en": "VSwitch ID",
"zh-cn": "VSwitch ID"
},
"AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}",
"ZoneId": "${ZoneId}"
}
},
"SecurityGroupId": {
"Type": "String",
"Label": {
"en": "Business Security Group ID",
"zh-cn": "Business Security Group ID"
},
"AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}"
}
},
"NumOfNodes": {
"Type": "Number",
"Label": {
"zh-cn": "Number of worker nodes",
"en": "Number of Worker instances"
},
"Default": 3
},
"PodCidr": {
"Type": "String",
"Label": {
"zh-cn": "Pod Network CIDR",
"en": "Pod Network CIDR"
},
"Description": {
"zh-cn": "Enter a valid private CIDR block. Examples include 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and their subnets.<br/>The CIDR block cannot overlap with the CIDR block of the VPC or the CIDR blocks of existing Kubernetes clusters in the VPC. <font color='blue'><b>This setting cannot be changed after the cluster is created.</font>",
"en": "Enter a valid private CIDR block. Examples include 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and their subnets.<br/>The CIDR block cannot overlap with the CIDR block of the VPC or the CIDR blocks of existing Kubernetes clusters in the VPC. <font color='blue'><b>This setting cannot be changed after the cluster is created.</font>"
},
"AssociationProperty": "ALIYUN::CS::ManagedKubernetesCluster::PodCidr",
"Default": "172.20.0.0/16"
},
"ServiceCidr": {
"Type": "String",
"Label": {
"zh-cn": "Service CIDR",
"en": "Service CIDR"
},
"Description": {
"zh-cn": "Enter a valid CIDR block with a prefix length from 16 to 24. The CIDR block must be within one of the following private network ranges: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.<br/>The CIDR block cannot overlap with the CIDR block of the VPC or the CIDR blocks of existing Kubernetes clusters in the VPC. <font color='blue'><b>This setting cannot be changed after the cluster is created.</font>",
"en": "Enter a valid CIDR block with a prefix length from 16 to 24. The CIDR block must be within one of the following private network ranges: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.<br/>The CIDR block cannot overlap with the CIDR block of the VPC or the CIDR blocks of existing Kubernetes clusters in the VPC. <font color='blue'><b>This setting cannot be changed after the cluster is created.</font>"
},
"AssociationProperty": "ALIYUN::CS::ManagedKubernetesCluster::ServiceCidr",
"Default": "172.21.0.0/20"
},
"SnatEntry": {
"Type": "Boolean",
"Label": {
"zh-cn": "Configure SNAT",
"en": "Configure SNAT"
},
"Description": {
"zh-cn": "Configure SNAT for the virtual private cloud (VPC).<br/>If resources in your cluster, such as nodes and applications, need to access the public network, select this option. A NAT Gateway is created and SNAT rules are configured for you automatically. <b><a href='https://www.alibabacloud.com/help/en/doc-detail/48126.html' target='_blank'><font color='blue'>NAT Gateway pricing</font></a>",
"en": "Configure SNAT for the virtual private cloud (VPC).<br/>If resources in your cluster, such as nodes and applications, need to access the public network, select this option. A NAT Gateway is created and SNAT rules are configured for you automatically. <b><a href='https://www.alibabacloud.com/help/en/doc-detail/48126.html' target='_blank'><font color='blue'>NAT Gateway pricing</font></a>"
},
"Default": true
},
"EndpointPublicAccess": {
"Type": "Boolean",
"Label": {
"en": "Public Access",
"zh-cn": "Public Access"
},
"Description": {
"en": "Expose the API server using an elastic IP address (EIP).<br/>By default, an internal-facing Server Load Balancer (SLB) instance is created for the API server. If you delete this instance, the API server becomes inaccessible.<br><font color='blue'><b>If you do not enable public access, you cannot access the cluster API server from the public network.</font>",
"zh-cn": "Expose the API server using an elastic IP address (EIP).<br/>By default, an internal-facing Server Load Balancer (SLB) instance is created for the API server. If you delete this instance, the API server becomes inaccessible.<br><font color='blue'><b>If you do not enable public access, you cannot access the cluster API server from the public network.</font>"
},
"Default": false
},
"CloudMonitorFlag": {
"Type": "Boolean",
"Label": {
"zh-cn": "Monitoring plugin",
"en": "Monitor Plug-in"
},
"Description": {
"zh-cn": "Install the CloudMonitor agent on the ECS nodes.",
"en": "Install the CloudMonitor agent on the ECS nodes."
},
"Default": true
},
"WorkerInstanceTypes": {
"Type": "CommaDelimitedList",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"InstanceChargeType": "${PayPeriod}",
"ZoneId": "${ZoneId}"
},
"Label": {
"en": "Instance Type",
"zh-cn": "Instance Type"
}
},
"WorkerSystemDiskSize": {
"Type": "Number",
"Label": {
"zh-cn": "Worker node system disk size",
"en": "Worker System Disk Space"
},
"Description": {
"zh-cn": "The size of the system disk, in GB. Valid values: 40 to 500.",
"en": "The size of the system disk, in GB. Valid values: 40 to 500."
},
"Default": 40,
"MinValue": 40,
"MaxValue": 500
},
"WorkerSystemDiskCategory": {
"Type": "String",
"Label": {
"en": "Worker System Disk Category",
"zh-cn": "Worker node system disk category"
},
"AssociationPropertyMetadata": {
"LocaleKey": "DiskCategory"
},
"Default": "cloud_essd",
"AllowedValues": [
"cloud_efficiency",
"cloud_ssd",
"cloud_essd"
]
},
"LoginPassword": {
"Type": "String",
"NoEcho": true,
"Label": {
"en": "Instance Password",
"zh-cn": "Instance Password"
},
"Description": {
"en": "The password must be 8 to 30 characters in length and contain characters from at least three of the following categories: uppercase letters, lowercase letters, digits, and special characters. The supported special characters are ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/",
"zh-cn": "The password must be 8 to 30 characters in length and contain characters from at least three of the following categories: uppercase letters, lowercase letters, digits, and special characters. The supported special characters are ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/"
},
"ConstraintDescription": {
"en": "The password must be 8 to 30 characters in length and contain characters from at least three of the following categories: uppercase letters, lowercase letters, digits, and special characters. The supported special characters are ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/",
"zh-cn": "The password must be 8 to 30 characters in length and contain characters from at least three of the following categories: uppercase letters, lowercase letters, digits, and special characters. The supported special characters are ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/"
},
"AssociationProperty": "ALIYUN::ECS::Instance::Password"
}
},
"Resources": {
"NodePools": {
"Type": "ALIYUN::CS::ClusterNodePool",
"Properties": {
"ClusterId": {
"Ref": "ManagedKubernetesCluster"
},
"NodePoolInfo": {
"Name": "default-nodepool"
},
"ScalingGroup": {
"Period": {
"Ref": "PayPeriod"
},
"PeriodUnit": {
"Ref": "PayPeriodUnit"
},
"InstanceChargeType": {
"Ref": "PayType"
},
"VSwitchIds": [
{
"Ref": "VSwitchId"
}
],
"ZoneIds": [
{
"Ref": "ZoneId"
}
],
"SystemDiskCategory": {
"Ref": "WorkerSystemDiskCategory"
},
"SystemDiskSize": {
"Ref": "WorkerSystemDiskSize"
},
"InstanceTypes": {
"Ref": "WorkerInstanceTypes"
},
"LoginPassword": {
"Ref": "LoginPassword"
},
"Platform": "AliyunLinux",
"ImageId": "aliyun_3_9_x64_20G_alibase_20231219.vhd"
},
"KubernetesConfig": {
"Runtime": "containerd",
"RuntimeVersion": "1.6.28"
},
"Count": {
"Ref": "NumOfNodes"
}
}
},
"ManagedKubernetesCluster": {
"Type": "ALIYUN::CS::ManagedKubernetesCluster",
"Properties": {
"VpcId": {
"Ref": "VpcId"
},
"VSwitchIds": [
{
"Ref": "VSwitchId"
}
],
"SecurityGroupId": {
"Ref": "SecurityGroupId"
},
"ZoneIds": [
{
"Ref": "ZoneId"
}
],
"ClusterSpec": "ack.pro.small",
"ContainerCidr": {
"Ref": "PodCidr"
},
"ServiceCidr": {
"Ref": "ServiceCidr"
},
"LoginPassword": {
"Ref": "LoginPassword"
},
"SnatEntry": {
"Ref": "SnatEntry"
},
"Addons": [
{
"Name": "flannel",
"Config": ""
}
],
"CloudMonitorFlags": {
"Ref": "CloudMonitorFlag"
},
"ProxyMode": "IPVS",
"EndpointPublicAccess": {
"Ref": "EndpointPublicAccess"
},
"Name": {
"Ref": "ALIYUN::StackName"
}
}
}
},
"Outputs": {
"ClusterId": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"ClusterId"
]
}
},
"TaskId": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"TaskId"
]
}
},
"WorkerRamRoleName": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"WorkerRamRoleName"
]
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"ParameterGroups": [
{
"Parameters": [
"PayType",
"PayPeriodUnit",
"PayPeriod"
],
"Label": {
"default": {
"en": "PayType Configuration",
"zh-cn": "PayType Configuration"
}
}
},
{
"Parameters": [
"VpcId",
"ZoneId",
"VSwitchId",
"SecurityGroupId"
],
"Label": {
"default": {
"zh-cn": "Infrastructure Configuration (Required)",
"en": "Infrastructure Configuration (Required)"
}
}
},
{
"Parameters": [
"NumOfNodes",
"PodCidr",
"ServiceCidr",
"SnatEntry",
"EndpointPublicAccess",
"CloudMonitorFlag",
"WorkerInstanceTypes",
"WorkerSystemDiskSize",
"WorkerSystemDiskCategory",
"LoginPassword"
],
"Label": {
"default": {
"zh-cn": "Kubernetes Basic Configuration (Required)",
"en": "Kubernetes Basic Configuration (Required)"
}
}
}
],
"TemplateTags": [
"acs:example:ISV Software Deployment:Create ACK Dedicated Cluster (Existing VPC)"
]
}
}
}Skenario 3: Bangun layanan mikro menggunakan ACK.
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: 创建ACK集群,配置VPC、安全组,部署微服务应用,自动伸缩节点池,设置ALB ingress,输出服务访问URL。
en: Create an ACK cluster, configure a VPC and security groups, deploy microservice applications, automatically scale node pools, set up ALB Ingress, and output the service access URL.
Parameters:
CommonName:
Type: String
Default: microservices-on-ack
ManagedKubernetesClusterName:
Type: String
Label:
en: Managed Kubernetes Cluster Name
zh-cn: ACK托管版集群名称
AssociationProperty: AutoCompleteInput
AssociationPropertyMetadata:
Length: 5
Prefix: k8s-hpa-cluster-
CharacterClasses:
- Class: lowercase
min: 1
ZoneId1:
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
AssociationPropertyMetadata:
ExclusiveTo:
- ZoneId2
Label:
en: Availability Zone
zh-cn: 可用区1
ZoneId2:
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
AssociationPropertyMetadata:
ExclusiveTo:
- ZoneId1
Label:
en: Availability Zone
zh-cn: 可用区2
InstanceType:
Type: CommaDelimitedList
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
InstanceChargeType: PostPaid
SystemDiskCategory: cloud_essd
CreateACKClusterParams:
NetworkPlugin: terway-eniip
Label:
en: Instance Type
zh-cn: 实例规格
InstancePassword:
NoEcho: true
Type: String
Description:
en: >-
Server logon password. Length must be 8–30 characters and include three of the following: uppercase letters, lowercase letters, numbers, or special symbols ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
zh-cn: >-
服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)
Label:
en: Instance Password
zh-cn: 实例密码
ConstraintDescription:
en: >-
Length must be 8–30 characters and include three of the following: uppercase letters, lowercase letters, numbers, or special symbols ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
zh-cn: '长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;''<>,.?/ 中的特殊符号)'
AssociationProperty: 'ALIYUN::ECS::Instance::Password'
Default: null
Resources:
Vpc:
Type: 'ALIYUN::ECS::VPC'
Properties:
CidrBlock: 10.0.0.0/8
VpcName:
Fn::Sub: ${CommonName}-vpc
VSwitch1:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VpcId:
Ref: Vpc
CidrBlock: 10.0.0.0/24
ZoneId:
Ref: ZoneId1
VSwitchName:
Fn::Sub: ${CommonName}-vsw
VSwitch2:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VpcId:
Ref: Vpc
CidrBlock: 10.0.1.0/24
ZoneId:
Ref: ZoneId2
VSwitchName:
Fn::Sub: ${CommonName}-vsw
SecurityGroup:
Type: 'ALIYUN::ECS::SecurityGroup'
Properties:
VpcId:
Ref: Vpc
SecurityGroupName:
Fn::Sub: ${CommonName}-sg
SecurityGroupIngress:
- PortRange: 8080/8080
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
- PortRange: 80/80
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
AckCluster:
Type: 'ALIYUN::CS::ManagedKubernetesCluster'
Properties:
VpcId:
Ref: Vpc
VSwitchIds:
- Ref: VSwitch1
- Ref: VSwitch2
PodVswitchIds:
- Ref: VSwitch1
- Ref: VSwitch1
Name:
Ref: ManagedKubernetesClusterName
KubernetesVersion: 1.33.1-aliyun.1
ServiceCidr: 192.168.0.0/16
ClusterSpec: ack.pro.small
LoadBalancerSpec: slb.s2.small
IsEnterpriseSecurityGroup: true
SnatEntry: true
NumOfNodes: 0
EndpointPublicAccess: true
Platform: AliyunLinux
Addons:
- Name: terway-eniip
Config: '{"IPVlan":"false","NetworkPolicy":"false","ENITrunking":"false"}'
- Name: csi-plugin
- Name: csi-provisioner
- Name: storage-operator
Config: '{"CnfsOssEnable":"false","CnfsNasEnable":"false"}'
- Name: logtail-ds
Config: '{"IngressDashboardEnabled":"true"}'
- Name: nginx-ingress-controller
Disabled: true
- Name: alb-ingress-controller
Version: ""
Config:
Fn::Sub: >-
{"albIngress":{"AddressType":"Internet","ZoneMappings":{"${ZoneId1}":["${VSwitch1}"],
"${ZoneId2}":["${VSwitch2}"]},"CreateDefaultALBConfig":true}}
- Name: ack-node-local-dns
ProxyMode: ipvs
DeleteOptions:
- ResourceType: ALB
DeleteMode: delete
- ResourceType: SLB
DeleteMode: delete
- ResourceType: SLS_Data
DeleteMode: delete
- ResourceType: SLS_ControlPlane
DeleteMode: delete
- ResourceType: PrivateZone
DeleteMode: delete
NodePools:
Type: 'ALIYUN::CS::ClusterNodePool'
Properties:
ClusterId:
Ref: AckCluster
NodePoolInfo:
Name: default-nodepool
ScalingGroup:
InstanceChargeType: PostPaid
VSwitchIds:
- Ref: VSwitch1
- Ref: VSwitch2
ZoneIds:
- Ref: ZoneId1
- Ref: ZoneId2
SystemDiskCategory: cloud_essd
SystemDiskPerformanceLevel: PL0
SystemDiskSize: 120
InstanceTypes:
Ref: InstanceType
LoginPassword:
Ref: InstancePassword
Platform: AliyunLinux
ImageId: aliyun_3_9_x64_20G_alibase_20231219.vhd
KubernetesConfig:
Runtime: containerd
RuntimeVersion: 1.6.28
Count: 3
InstallBackendApp:
Type: 'ALIYUN::CS::ClusterApplication'
DependsOn: NodePools
Properties:
ClusterId:
Ref: AckCluster
YamlContent:
Fn::Sub: |-
apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
name: ecs-ack-test-service-a
labels:
app: ecs-ack-test-service-a
spec:
replicas: 2
selector:
matchLabels:
app: ecs-ack-test-service-a
template:
metadata:
labels:
app: ecs-ack-test-service-a
spec:
initContainers:
- name: download-jar
image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux
command:
- "/bin/sh"
- "-c"
- "curl -o /app/app.jar https://help-static-aliyun-doc.aliyuncs.com/tech-solution/MicroServiceOnAckDemo-1.0.1.jar && echo 'Download jar OK!'"
volumeMounts:
- name: app-jar
mountPath: /app
containers:
- args:
- '-DbHost=http://ecs-ack-test-service-b:8080'
- '-jar'
- '/app/app.jar'
command:
- java
name: ecs-ack-test-service-a
image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux
env:
- name: APP_MANUAL_DEPLOY
value: "false"
ports:
- containerPort: 8080
resources:
limits:
cpu: '2'
ephemeral-storage: 40Gi
memory: 2Gi
requests:
cpu: '1'
ephemeral-storage: 20Gi
memory: 1Gi
volumeMounts:
- name: app-jar
mountPath: /app
volumes:
- name: app-jar
emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
name: ecs-ack-test-service-a
spec:
selector:
app: ecs-ack-test-service-a
ports:
- protocol: TCP
port: 8080
targetPort: 8080
---
apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
name: ecs-ack-test-service-b
labels:
app: ecs-ack-test-service-b
spec:
replicas: 2
selector:
matchLabels:
app: ecs-ack-test-service-b
template:
metadata:
labels:
app: ecs-ack-test-service-b
spec:
initContainers:
- name: download-jar
image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux
command:
- "/bin/sh"
- "-c"
- "curl -o /app/app.jar https://help-static-aliyun-doc.aliyuncs.com/tech-solution/MicroServiceOnAckDemo-1.0.1.jar && echo 'Download jar OK!'"
volumeMounts:
- name: app-jar
mountPath: /app
containers:
- args:
- '-DbHost=http://ecs-ack-test-service-b:8080'
- '-jar'
- '/app/app.jar'
command:
- java
name: ecs-ack-test-service-b
image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux
env:
- name: APP_MANUAL_DEPLOY
value: "false"
ports:
- containerPort: 8080
resources:
limits:
cpu: '2'
ephemeral-storage: 40Gi
memory: 2Gi
requests:
cpu: '1'
ephemeral-storage: 20Gi
memory: 1Gi
volumeMounts:
- name: app-jar
mountPath: /app
volumes:
- name: app-jar
emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
name: ecs-ack-test-service-b
spec:
selector:
app: ecs-ack-test-service-b
ports:
- protocol: TCP
port: 8080
targetPort: 8080
AlbConfig:
Type: 'ALIYUN::CS::ClusterApplication'
DependsOn: InstallBackendApp
Properties:
ClusterId:
Ref: AckCluster
YamlContent:
Fn::Sub: |-
apiVersion: alibabacloud.com/v1
kind: AlbConfig
metadata:
name: ecs-ack-test-alb-config
spec:
config:
name: ecs-ack-test-alb
addressType: Internet
zoneMappings:
- vSwitchId: ${VSwitch1}
- vSwitchId: ${VSwitch2}
listeners:
- port: 80
protocol: HTTP
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
name: ecs-ack-test-alb
spec:
controller: ingress.k8s.alibabacloud/alb
parameters:
apiGroup: alibabacloud.com
kind: AlbConfig
name: ecs-ack-test-alb-config
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ecs-ack-test-alb-ingress
spec:
ingressClassName: ecs-ack-test-alb
rules:
- http:
paths:
- path: /a
pathType: ImplementationSpecific
backend:
service:
name: ecs-ack-test-service-a
port:
number: 8080
- path: /b
pathType: ImplementationSpecific
backend:
service:
name: ecs-ack-test-service-b
port:
number: 8080
WaitAlbIngress:
Type: ALIYUN::ROS::Sleep
DependsOn: AlbConfig
Properties:
CreateDuration: 120
IngressInfo:
Type: 'DATASOURCE::CS::ClusterApplicationResources'
DependsOn: WaitAlbIngress
Properties:
ClusterId:
Ref: AckCluster
Kind: Ingress
Namespace: default
JsonPath: $.items.[0].status.loadBalancer.ingress.[0].hostname
FirstMatch: true
Outputs:
UrlServiceA:
Description:
zh-cn: A服务访问地址。
en: The endpoint for service A.
Value:
'Fn::Sub': http://${IngressInfo}/a
UrlServiceB:
Description:
zh-cn: B服务访问地址。
en: The endpoint for service B.
Value:
'Fn::Sub': http://${IngressInfo}/b
Metadata:
'ALIYUN::ROS::Interface':
ParameterGroups:
- Parameters:
- SlsProjectName
- ManagedKubernetesClusterName
- ZoneId1
- ZoneId2
- InstanceType
- InstancePassword
TemplateTags:
- acs:technical-solution:micro:how-to-quickly-build-microservices-using-ack-tech_solu_124
Hidden:
- CommonName{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": {
"zh-cn": "创建ACK集群,配置VPC、安全组,部署微服务应用,自动伸缩节点池,设置ALB ingress,输出服务访问URL。",
"en": "Create an ACK cluster, configure a VPC and security groups, deploy microservice applications, automatically scale node pools, set up ALB Ingress, and output the service access URL."
},
"Parameters": {
"CommonName": {
"Type": "String",
"Default": "microservices-on-ack"
},
"ManagedKubernetesClusterName": {
"Type": "String",
"Label": {
"en": "Managed Kubernetes Cluster Name",
"zh-cn": "ACK托管版集群名称"
},
"AssociationProperty": "AutoCompleteInput",
"AssociationPropertyMetadata": {
"Length": 5,
"Prefix": "k8s-hpa-cluster-",
"CharacterClasses": [
{
"Class": "lowercase",
"min": 1
}
]
}
},
"ZoneId1": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"AssociationPropertyMetadata": {
"ExclusiveTo": [
"ZoneId2"
]
},
"Label": {
"en": "Availability Zone",
"zh-cn": "可用区1"
}
},
"ZoneId2": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"AssociationPropertyMetadata": {
"ExclusiveTo": [
"ZoneId1"
]
},
"Label": {
"en": "Availability Zone",
"zh-cn": "可用区2"
}
},
"InstanceType": {
"Type": "CommaDelimitedList",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"InstanceChargeType": "PostPaid",
"SystemDiskCategory": "cloud_essd",
"CreateACKClusterParams": {
"NetworkPlugin": "terway-eniip"
}
},
"Label": {
"en": "Instance Type",
"zh-cn": "实例规格"
}
},
"InstancePassword": {
"NoEcho": true,
"Type": "String",
"Description": {
"en": "Server logon password. Length must be 8–30 characters and include three of the following: uppercase letters, lowercase letters, numbers, or special symbols ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/",
"zh-cn": "服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)"
},
"Label": {
"en": "Instance Password",
"zh-cn": "实例密码"
},
"ConstraintDescription": {
"en": "Length must be 8–30 characters and include three of the following: uppercase letters, lowercase letters, numbers, or special symbols ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/",
"zh-cn": "长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)"
},
"AssociationProperty": "ALIYUN::ECS::Instance::Password",
"Default": null
}
},
"Resources": {
"Vpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"CidrBlock": "10.0.0.0/8",
"VpcName": {
"Fn::Sub": "${CommonName}-vpc"
}
}
},
"VSwitch1": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "10.0.0.0/24",
"ZoneId": {
"Ref": "ZoneId1"
},
"VSwitchName": {
"Fn::Sub": "${CommonName}-vsw"
}
}
},
"VSwitch2": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "10.0.1.0/24",
"ZoneId": {
"Ref": "ZoneId2"
},
"VSwitchName": {
"Fn::Sub": "${CommonName}-vsw"
}
}
},
"SecurityGroup": {
"Type": "ALIYUN::ECS::SecurityGroup",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupName": {
"Fn::Sub": "${CommonName}-sg"
},
"SecurityGroupIngress": [
{
"PortRange": "8080/8080",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
},
{
"PortRange": "80/80",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
}
]
}
},
"AckCluster": {
"Type": "ALIYUN::CS::ManagedKubernetesCluster",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"VSwitchIds": [
{
"Ref": "VSwitch1"
},
{
"Ref": "VSwitch2"
}
],
"PodVswitchIds": [
{
"Ref": "VSwitch1"
},
{
"Ref": "VSwitch1"
}
],
"Name": {
"Ref": "ManagedKubernetesClusterName"
},
"KubernetesVersion": "1.33.1-aliyun.1",
"ServiceCidr": "192.168.0.0/16",
"ClusterSpec": "ack.pro.small",
"LoadBalancerSpec": "slb.s2.small",
"IsEnterpriseSecurityGroup": true,
"SnatEntry": true,
"NumOfNodes": 0,
"EndpointPublicAccess": true,
"Platform": "AliyunLinux",
"Addons": [
{
"Name": "terway-eniip",
"Config": "{\"IPVlan\":\"false\",\"NetworkPolicy\":\"false\",\"ENITrunking\":\"false\"}"
},
{
"Name": "csi-plugin"
},
{
"Name": "csi-provisioner"
},
{
"Name": "storage-operator",
"Config": "{\"CnfsOssEnable\":\"false\",\"CnfsNasEnable\":\"false\"}"
},
{
"Name": "logtail-ds",
"Config": "{\"IngressDashboardEnabled\":\"true\"}"
},
{
"Name": "nginx-ingress-controller",
"Disabled": true
},
{
"Name": "alb-ingress-controller",
"Version": "",
"Config": {
"Fn::Sub": "{\"albIngress\":{\"AddressType\":\"Internet\",\"ZoneMappings\":{\"${ZoneId1}\":[\"${VSwitch1}\"], \"${ZoneId2}\":[\"${VSwitch2}\"]},\"CreateDefaultALBConfig\":true}}"
}
},
{
"Name": "ack-node-local-dns"
}
],
"ProxyMode": "ipvs",
"DeleteOptions": [
{
"ResourceType": "ALB",
"DeleteMode": "delete"
},
{
"ResourceType": "SLB",
"DeleteMode": "delete"
},
{
"ResourceType": "SLS_Data",
"DeleteMode": "delete"
},
{
"ResourceType": "SLS_ControlPlane",
"DeleteMode": "delete"
},
{
"ResourceType": "PrivateZone",
"DeleteMode": "delete"
}
]
}
},
"NodePools": {
"Type": "ALIYUN::CS::ClusterNodePool",
"Properties": {
"ClusterId": {
"Ref": "AckCluster"
},
"NodePoolInfo": {
"Name": "default-nodepool"
},
"ScalingGroup": {
"InstanceChargeType": "PostPaid",
"VSwitchIds": [
{
"Ref": "VSwitch1"
},
{
"Ref": "VSwitch2"
}
],
"ZoneIds": [
{
"Ref": "ZoneId1"
},
{
"Ref": "ZoneId2"
}
],
"SystemDiskCategory": "cloud_essd",
"SystemDiskPerformanceLevel": "PL0",
"SystemDiskSize": 120,
"InstanceTypes": {
"Ref": "InstanceType"
},
"LoginPassword": {
"Ref": "InstancePassword"
},
"Platform": "AliyunLinux",
"ImageId": "aliyun_3_9_x64_20G_alibase_20231219.vhd"
},
"KubernetesConfig": {
"Runtime": "containerd",
"RuntimeVersion": "1.6.28"
},
"Count": 3
}
},
"InstallBackendApp": {
"Type": "ALIYUN::CS::ClusterApplication",
"DependsOn": "NodePools",
"Properties": {
"ClusterId": {
"Ref": "AckCluster"
},
"YamlContent": {
"Fn::Sub": "apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1\nkind: Deployment\nmetadata:\n name: ecs-ack-test-service-a\n labels:\n app: ecs-ack-test-service-a\nspec:\n replicas: 2\n selector:\n matchLabels:\n app: ecs-ack-test-service-a\n template:\n metadata:\n labels:\n app: ecs-ack-test-service-a\n spec:\n initContainers:\n - name: download-jar\n image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux\n command:\n - \"/bin/sh\"\n - \"-c\"\n - \"curl -o /app/app.jar https://help-static-aliyun-doc.aliyuncs.com/tech-solution/MicroServiceOnAckDemo-1.0.1.jar && echo 'Download jar OK!'\"\n volumeMounts:\n - name: app-jar\n mountPath: /app\n containers:\n - args:\n - '-DbHost=http://ecs-ack-test-service-b:8080'\n - '-jar'\n - '/app/app.jar'\n command:\n - java\n name: ecs-ack-test-service-a\n image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux\n env:\n - name: APP_MANUAL_DEPLOY\n value: \"false\"\n ports:\n - containerPort: 8080\n resources:\n limits:\n cpu: '2'\n ephemeral-storage: 40Gi\n memory: 2Gi\n requests:\n cpu: '1'\n ephemeral-storage: 20Gi\n memory: 1Gi\n volumeMounts:\n - name: app-jar\n mountPath: /app\n volumes:\n - name: app-jar\n emptyDir: {}\n---\napiVersion: v1\nkind: Service\nmetadata:\n name: ecs-ack-test-service-a\nspec:\n selector:\n app: ecs-ack-test-service-a\n ports:\n - protocol: TCP\n port: 8080\n targetPort: 8080\n---\napiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1\nkind: Deployment\nmetadata:\n name: ecs-ack-test-service-b\n labels:\n app: ecs-ack-test-service-b\nspec:\n replicas: 2\n selector:\n matchLabels:\n app: ecs-ack-test-service-b\n template:\n metadata:\n labels:\n app: ecs-ack-test-service-b\n spec:\n initContainers:\n - name: download-jar\n image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux\n command:\n - \"/bin/sh\"\n - \"-c\"\n - \"curl -o /app/app.jar https://help-static-aliyun-doc.aliyuncs.com/tech-solution/MicroServiceOnAckDemo-1.0.1.jar && echo 'Download jar OK!'\"\n volumeMounts:\n - name: app-jar\n mountPath: /app\n containers:\n - args:\n - '-DbHost=http://ecs-ack-test-service-b:8080'\n - '-jar'\n - '/app/app.jar'\n command:\n - java\n name: ecs-ack-test-service-b\n image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux\n env:\n - name: APP_MANUAL_DEPLOY\n value: \"false\"\n ports:\n - containerPort: 8080\n resources:\n limits:\n cpu: '2'\n ephemeral-storage: 40Gi\n memory: 2Gi\n requests:\n cpu: '1'\n ephemeral-storage: 20Gi\n memory: 1Gi\n volumeMounts:\n - name: app-jar\n mountPath: /app\n volumes:\n - name: app-jar\n emptyDir: {}\n---\napiVersion: v1\nkind: Service\nmetadata:\n name: ecs-ack-test-service-b\nspec:\n selector:\n app: ecs-ack-test-service-b\n ports:\n - protocol: TCP\n port: 8080\n targetPort: 8080"
}
}
},
"AlbConfig": {
"Type": "ALIYUN::CS::ClusterApplication",
"DependsOn": "InstallBackendApp",
"Properties": {
"ClusterId": {
"Ref": "AckCluster"
},
"YamlContent": {
"Fn::Sub": "apiVersion: alibabacloud.com/v1\nkind: AlbConfig\nmetadata:\n name: ecs-ack-test-alb-config\nspec:\n config:\n name: ecs-ack-test-alb\n addressType: Internet\n zoneMappings:\n - vSwitchId: ${VSwitch1}\n - vSwitchId: ${VSwitch2}\n listeners:\n - port: 80\n protocol: HTTP\n---\napiVersion: networking.k8s.io/v1\nkind: IngressClass\nmetadata:\n name: ecs-ack-test-alb\nspec:\n controller: ingress.k8s.alibabacloud/alb\n parameters:\n apiGroup: alibabacloud.com\n kind: AlbConfig\n name: ecs-ack-test-alb-config\n---\napiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: ecs-ack-test-alb-ingress\nspec:\n ingressClassName: ecs-ack-test-alb \n rules:\n - http:\n paths:\n - path: /a\n pathType: ImplementationSpecific\n backend:\n service:\n name: ecs-ack-test-service-a\n port:\n number: 8080\n - path: /b\n pathType: ImplementationSpecific\n backend:\n service:\n name: ecs-ack-test-service-b\n port: \n number: 8080"
}
}
},
"WaitAlbIngress": {
"Type": "ALIYUN::ROS::Sleep",
"DependsOn": "AlbConfig",
"Properties": {
"CreateDuration": 120
}
},
"IngressInfo": {
"Type": "DATASOURCE::CS::ClusterApplicationResources",
"DependsOn": "WaitAlbIngress",
"Properties": {
"ClusterId": {
"Ref": "AckCluster"
},
"Kind": "Ingress",
"Namespace": "default",
"JsonPath": "$.items.[0].status.loadBalancer.ingress.[0].hostname",
"FirstMatch": true
}
}
},
"Outputs": {
"UrlServiceA": {
"Description": {
"zh-cn": "A服务访问地址。",
"en": "The endpoint for service A."
},
"Value": {
"Fn::Sub": "http://${IngressInfo}/a"
}
},
"UrlServiceB": {
"Description": {
"zh-cn": "B服务访问地址。",
"en": "The endpoint for service B."
},
"Value": {
"Fn::Sub": "http://${IngressInfo}/b"
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"ParameterGroups": [
{
"Parameters": [
"SlsProjectName",
"ManagedKubernetesClusterName",
"ZoneId1",
"ZoneId2",
"InstanceType",
"InstancePassword"
]
}
],
"TemplateTags": [
"acs:technical-solution:micro:how-to-quickly-build-microservices-using-ack-tech_solu_124"
],
"Hidden": [
"CommonName"
]
}
}
}Untuk contoh lainnya, lihat templat publik yang berisi resource ini.