CreateCluster - Container Service for Kubernetes - Alibaba Cloud Documentation Center

This topic is generated by a machine translation engine without any human intervention. ALIBABA CLOUD DOES NOT GUARANTEE THE ACCURACY OF MACHINE TRANSLATED CONTENT. To request a human-translated version of this topic or provide feedback on this translation, please include it in the feedback form.

You can call the CreateCluster operation to create a Container Service for Kubernetes (ACK) cluster. ACK clusters include ACK managed clusters, ACK dedicated clusters, ACK Serverless clusters, ACK Edge clusters, ACK clusters that support sandboxed containers, and registered clusters. For more information about how to create different types of ACK clusters, see the following usage notes.

Operation description

This topic describes all request parameters for creating a Container Service for Kubernetes (ACK) cluster. For more information about how to call the API to create each type of ACK cluster, refer to the following topics:

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
cs:CreateCluster	create	Cluster acs:cs:{#regionId}:{#accountId}:cluster/*	cs:ClusterType cs:ClusterSpec cs:ClusterProfile cs:EnableSecretEncryption cs:EnableApiServerEip cs:EnableAddonLogtailDs cs:EnableCoreControlPlaneComponentsLog cs:AddonNames	none

Request syntax

POST /clusters HTTP/1.1

Request parameters

Parameter	Type	Required	Description	Example
body	object	No	The request body parameters.
name	string	Yes	The name of the cluster. The cluster name must be 1 to 63 characters in length, and can contain digits, letters, and underscores (_). The cluster name cannot start with a hyphen (-).	cluster-demo
region_id	string	Yes	The ID of the region in which the cluster is deployed.	cn-beijing
cluster_type	string	Yes	`Kubernetes`: an ACK dedicated cluster. `ManagedKubernetes`: an ACK managed cluster. ACK managed clusters include ACK Basic clusters, ACK Pro clusters, ACK Serverless clusters (Basic and Pro), ACK Edge clusters (Basic and Pro), and ACK Lingjun clusters (Pro). `ExternalKubernetes`: a registered cluster.	Kubernetes
cluster_spec	string	No	If you set `cluster_type` to `ManagedKubernetes` and specify `profile`, you can further specify the edition of the cluster. Valid values: `ack.pro.small`: creates an ACK Pro cluster. `ack.standard`: creates an ACK Basic cluster. If you leave the parameter empty, an ACK Basic cluster is created.	ack.pro.small
kubernetes_version	string	No	The Kubernetes version of the cluster. The Kubernetes versions supported by ACK are the same as the Kubernetes versions supported by open source Kubernetes. We recommend that you specify the latest Kubernetes version. If you do not specify this parameter, the latest Kubernetes version is used. You can create clusters of the latest two Kubernetes versions in the ACK console. If you want to create clusters that run earlier Kubernetes versions, use the ACK API. For more information about the Kubernetes versions supported by ACK, see Support for Kubernetes versions.	1.16.9-aliyun.1
runtime	runtime	No	The container runtime. The default container runtime is Docker. containerd and Sandboxed-Container are also supported. For more information about how to select a proper container runtime, see Comparison among Docker, containerd, and Sandboxed-Container.
vpcid	string	No	The virtual private cloud (VPC) in which you want to deploy the cluster. This parameter is required.	vpc-2zeik9h3ahvv2zz95****
pod_vswitch_ids	array	No	If you select Terway as the network plug-in, you must allocate vSwitches to pods. Each pod vSwitch must correspond to a worker node vSwitch. Pod vSwitches and worker node vSwitches must reside in the same zone. Note We recommend that you select pod vSwitches whose subnet mask lengths are no longer than 19 bits. The maximum subnet mask length of a pod vSwitch is 25 bits. If you select a pod vSwitch whose subnet mask length is longer than 25 bits, the IP addresses that can be allocated to pods may be insufficient.
	string	No	If you select Terway as the network plug-in, you must allocate vSwitches to pods. Each pod vSwitch must correspond to a worker node vSwitch. Pod vSwitches and worker node vSwitches must reside in the same zone. Note We recommend that you select pod vSwitches whose subnet mask lengths are no longer than 19 bits. The maximum subnet mask length of a pod vSwitch is 25 bits. If you select a pod vSwitch whose subnet mask length is longer than 25 bits, the IP addresses that can be allocated to pods may be insufficient.	vsw-2ze97jwri7cei0mpw****
container_cidr	string	No	The pod CIDR block. You can specify 10.0.0.0/8, 172.16-31.0.0/12-16, 192.168.0.0/16, or their subnets as the pod CIDR block. The pod CIDR block cannot overlap with the CIDR block of the VPC in which the cluster is deployed and the CIDR blocks of existing clusters in the VPC. You cannot modify the pod CIDR block after you create the cluster. For more information about how to plan the network of an ACK cluster, see Plan the network of an ACK cluster. Note This parameter is required if the cluster uses the Flannel plug-in.	172.20.0.0/16
service_cidr	string	Yes	The Service CIDR block. Valid values: 10.0.0.0/16-24, 172.16-31.0.0/16-24, and 192.168.0.0/16-24. The Service CIDR block cannot overlap with the CIDR block of the VPC (10.1.0.0/21) or the CIDR blocks of existing clusters in the VPC. You cannot modify the CIDR block of Services after the cluster is created. By default, the Service CIDR block is set to 172.19.0.0/20.	172.21.0.0/20
security_group_id	string	No	The ID of an existing security group. You must specify this parameter or `is_enterprise_security_group`. Cluster nodes are automatically added to the security group.	sg-bp1bdue0qc1g7k****
is_enterprise_security_group	boolean	No	Specifies whether to create an advanced security group. This parameter takes effect only if `security_group_id` is not specified. Note To use a basic security group, make sure that the sum of the number of nodes in the cluster and the number of pods that use Terway does not exceed 2,000. Therefore, we recommend that you specify an advanced security group for a cluster that uses Terway. `true`: creates an advanced security group. `false`: does not create an advanced security group. Default value: `true`	true
snat_entry	boolean	No	Specifies whether to configure Source Network Address Translation (SNAT) rules for the VPC in which your cluster is deployed. Valid values: `true`: automatically creates a NAT gateway and configures SNAT rules. Set the value to `true` if nodes and applications in the cluster need to access the Internet. `false`: does not create a NAT gateway or configure SNAT rules. In this case, nodes and applications in the cluster cannot access the Internet. Note If this feature is disabled when you create the cluster, you can also manually enable this feature after you create the cluster. For more information, see Enable an existing ACK cluster to access the Internet. Default value: `true`	true
endpoint_public_access	boolean	No	Specifies whether to enable Internet access for the cluster. You can use an elastic IP address (EIP) to expose the API server. This way, you can access the cluster over the Internet. Valid values: `true`: enables Internet access for the cluster. `false`: disables Internet access for the cluster. If you set the value to false, the API server cannot be accessed over the Internet. Default value: `false`	true
ssh_flags	boolean	No	Specifies whether to enable SSH logon. If this parameter is set to true, you can log on to master nodes in an ACK dedicated cluster over the Internet. This parameter does not take effect for ACK managed clusters. Valid values: `true`: enables SSH logon. `false`: disables SSH logon. Default value: `false`	true
timezone	string	No	The time zone of the cluster.	Asia/Shanghai
node_cidr_mask	string	No	The maximum number of IP addresses that can be assigned to nodes. This number is determined by the node CIDR block. This parameter takes effect only if the cluster uses Flannel network plug-in. Default value: `26`.	25
user_ca	string	No	The custom Certificate Authority (CA) certificate used by the cluster.	-----BEGIN CERTIFICATE-----****
user_data	string	No	The user data of nodes.	IyEvdXNyL2Jpbi9iYXNoCmVjaG8gIkhlbGxvIEFD****
cluster_domain	string	No	The domain name of the cluster. The domain name can contain one or more parts that are separated by periods (.). Each part cannot exceed 63 characters in length, and can contain lowercase letters, digits, and hyphens (-). Each part must start and end with a lowercase letter or digit.	cluster.local
node_name_mode	string	No	The custom node name. A custom node name consists of a prefix, a node IP address, and a suffix. The prefix and suffix can contain multiple parts that are separated by periods (.). Each part can contain lowercase letters, digits, and hyphens (-), and must start and end with a lowercase letter or digit. The IP substring length specifies the number of digits to be truncated from the end of the node IP address. The IP substring length ranges from 5 to 12. For example, if the node IP address is 192.168.0.55, the prefix is aliyun.com, the IP substring length is 5, and the suffix is test, the node name is aliyun.com00055test.	aliyun.com00055test
custom_san	string	No	The custom subject alternative names (SANs) for the API server certificate to accept requests from specified IP addresses or domain names. Separate multiple IP addresses and domain names by commas (,).	cs.aliyun.com
encryption_provider_key	string	No	The ID of the Key Management Service (KMS) key that is used to encrypt the system disk. For more information, see What is KMS? Note The key can be used only in ACK Pro clusters.	0fe64791-55eb-4fc7-84c5-c6c7cdca****
service_account_issuer	string	No	Provides identities for pods when pods communicate with the `API server` of the cluster. `service-account-issuer` specifies the issuer of the `serviceaccount token`, which is specified by using the `iss` field in the `token payload`. For more information about `ServiceAccount`, see Enable service account token volume projection.	kubernetes.default.svc
api_audiences	string	No	Provides identities for pods when pods communicate with the `API server` of the cluster. `api-audiences` are used by the `API server` to check whether the `tokens` of requests are legitimate. `Separate multiple values with commas (,).` For more information about `ServiceAccount`, see Enable service account token volume projection.	kubernetes.default.svc
image_id	string	No	The custom image. By default, the image provided by ACK is used. You can select a custom image to replace the default image. For more information, see Use a custom image to create an ACK cluster.	m-bp16z7xko3vvv8gt****
rds_instances	array	No	The ApsaraDB RDS instances. Select the ApsaraDB RDS instances that you want to add to the whitelist. We recommend that you add the pod CIDR block and node CIDR block to the ApsaraDB RDS instances in the ApsaraDB RDS console. When you configure the ApsaraDB RDS instances, you cannot scale out the number of nodes because the instances are not in the Running state.
	string	No	The ApsaraDB RDS instances. Select the ApsaraDB RDS instances that you want to add to the whitelist. We recommend that you add the pod CIDR block and node CIDR block to the ApsaraDB RDS instances in the ApsaraDB RDS console. When you configure the ApsaraDB RDS instances, you cannot scale out the number of nodes because the instances are not in the Running state.	rm-2zev748xi27xc****
tags	array	No	The tags to be added to nodes. You must add labels based on the following rules: A label is a case-sensitive key-value pair. You can add up to 20 labels. When you add a tag, you must specify a unique key but you can leave the value empty. A key cannot exceed 64 characters in length and a value cannot exceed 128 characters in length. Keys and values cannot start with aliyun, acs:, https://, or http://. For more information, see Labels and Selectors.
	tag	No	The tags to be added to nodes. You must add labels based on the following rules: A label is a case-sensitive key-value pair. You can add up to 20 labels. When you add a tag, you must specify a unique key but you can leave the value empty. A key cannot exceed 64 characters in length and a value cannot exceed 128 characters in length. Keys and values cannot start with aliyun, acs:, https://, or http://. For more information, see Labels and Selectors.
addons	array	No	The components that you want to install in the cluster. When you create a cluster, you can specify `addons` to install specific components. Network plug-in: required. The Flannel and Terway plug-ins are supported. Select one of the plug-ins for the cluster. Specify the Flannel plug-in in the following format: [{"name":"flannel","config":""}]. If you want to use the Terway component, specify the value in the [{"Name": "terway-eniip","Config": ""}] format. Volume plug-in: optional. Only the `CSI` plug-in is supported. Specify the `CSI` plug-in in the following format: [{"name":"csi-plugin","config": ""},{"name": "csi-provisioner","config": ""}]. Simple Log Service component: optional. We recommend that you enable Simple Log Service. If Simple Log Service is disabled, you cannot use the cluster auditing feature. Specify an existing `Simple Log Service project` in the following format: [{"name": "logtail-ds","config": "{"IngressDashboardEnabled":"true","sls_project_name":"your_sls_project_name"}"}]. To create a `Simple Log Service project`, specify the component in the following format: [{"name": "logtail-ds","config": "{"IngressDashboardEnabled":"true"}"}]. Ingress controller`: optional. By default, the nginx-ingress-controller component is installed in ACK dedicated clusters.` To install nginx-ingress-controller and enable Internet access, specify the Ingress controller in the following format: [{"name":"nginx-ingress-controller","config":"{"IngressSlbNetworkType":"internet"}"}]. To disable the automatic installation of nginx-ingress-controller, specify the component in the following format: [{"name": "nginx-ingress-controller","config": "","disabled": true}]. Event center: optional. By default, the event center feature is enabled. You can use ACK event centers to store and query events and configure alerts. You can use the Logstores that are associated with ACK event centers free of charge within 90 days. For more information, see Create and use an event center. Enable the ack-node-problem-detector component in the following format: [{"name":"ack-node-problem-detector","config":"{"sls_project_name":"your_sls_project_name"}"}].
	addon	No	The component that you want to install in the cluster. When you create a cluster, you can configure the `addons` parameter to specify the components that you want to install.
taints	array	No	The taint. Taints can be used together with tolerations to avoid scheduling pods to specified nodes. For more information, see taint-and-toleration.
	taint	No	The taint. Taints can be used together with tolerations to avoid scheduling pods to specified nodes. For more information, see taint-and-toleration.
cloud_monitor_flags	boolean	No	Specifies whether to install the CloudMonitor agent. Valid values: `true`: installs the CloudMonitor agent. `false`: does not install the CloudMonitor agent. Default value: `false`	true
platform	string	No	The operating system distribution. Valid values: CentOS AliyunLinux QbootAliyunLinux Qboot Windows WindowsCore Default value: `CentOS`.	CentOS
os_type	string	No	The type of OS. Valid values: Windows Linux Default value: `Linux`.	Linux
soc_enabled	boolean	No	Specifies whether to enable security hardening based on Multi-Level Protection Scheme (MLPS). For more information, see ACK security hardening based on MLPS. Valid values: `true`: enables security hardening based on MLPS. `false`: disables security hardening based on MLPS. Default value: `false`	false
security_hardening_os	boolean	No	Specifies whether to enable Alibaba Cloud Linux Security Hardening. Valid values: `true`: enables Alibaba Cloud Linux Security Hardening. `false`: disables Alibaba Cloud Linux Security Hardening. Default value: `false`	false
cis_enabled`deprecated`	boolean	No	This parameter is deprecated. Use security_hardening_os instead.	false
cpu_policy	string	No	The CPU management policy of nodes in the node pool. The following policies are supported if the Kubernetes version of the cluster is 1.12.6 or later: `static`: allows pods with specific resource characteristics on the node to be granted with enhanced CPU affinity and exclusivity `none`: specifies that the default CPU affinity is used Default value: `none`.	none
proxy_mode	string	No	The kube-proxy mode. Valid values: `iptables`: a mature and stable kube-proxy mode that uses iptables rules to conduct Service discovery and load balancing. The performance of this mode is limited by the size of the cluster. This mode is suitable for clusters that run a small number of Services. `ipvs`: provides high performance and uses IP Virtual Server (IPVS). This allows you to configure service discovery and load balancing. This mode is suitable for clusters that are required to run a large number of services. We recommend that you use this mode in scenarios that require high load balancing performance. Default value: `ipvs`.	ipvs
node_port_range	string	No	The node port range. Valid values: 30000 to 65535. Default value: `30000-32767`.	30000~32767
master_vswitch_ids	array	No	The IDs of the vSwitches that are specified for master nodes. You can specify up to three vSwitches. We recommend that you specify three vSwitches in different zones to ensure high availability. The number of vSwitches must be the same as that specified in `master_count` and the same as those specified in `master_vswitch_ids`.
	string	No	The IDs of the vSwitches that are specified for master nodes. You can specify up to three vSwitches. We recommend that you specify three vSwitches in different zones to ensure high availability. The number of vSwitches must be the same as that specified in `master_count` and the same as those specified in `master_vswitch_ids`.	vsw-2ze3ds0mdip0hdz8i****
key_pair	string	No	The name of the key pair. You must configure this parameter or the `login_password` parameter.	secrity-key
login_password	string	No	The password for SSH logon. You must set this parameter or `key_pair`. The password must be 8 to 30 characters in length, and must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.	Hello@1234
master_count	long	No	The number of master nodes. Valid values: `3` and `5`. Default value: `3`.	3
master_instance_types	array	No	The instance types of master nodes. For more information, see Overview of instance families.
	string	No	The instance types of master nodes. The number of specified instance types for master nodes must be the same as that specified in `master_count` and the same as those specified in `master_instance_types`. For more information, see Instance families.	ecs.n4.xlarge
master_system_disk_category	string	No	The system disk type of master nodes. Valid values: `cloud_efficiency`: ultra disk `cloud_ssd`: standard SSD `cloud_essd`: Enterprise SSD (ESSD). Default value: `cloud_ssd`. The default value may vary in different zones.	cloud_ssd
master_system_disk_size	long	No	The system disk size of master nodes. Valid values: 40 to 500. Unit: GiB. Default value: `120`.	120
master_system_disk_performance_level	string	No	The performance level (PL) of the system disk that you want to use for master nodes. This parameter takes effect only for ESSDs. For more information about the relationship between disk PLs and disk sizes, see ESSDs .	PL1
master_system_disk_snapshot_policy_id	string	No	The ID of the automatic snapshot policy that is used by the system disk specified for master nodes.	sp-2zej1nogjvovnz4z****
master_instance_charge_type	string	No	The billing method of master nodes. Valid values: `PrePaid`: subscription. `PostPaid`: pay-as-you-go. Default value: `PostPaid`	PrePaid
master_period_unit	string	No	The billing cycle of the master nodes in the cluster. This parameter is required if master_instance_charge_type is set to `PrePaid`. Valid value: `Month`, which indicates that master nodes are billed only on a monthly basis.	Month
master_period	long	No	The subscription duration of master nodes. This parameter takes effect and is required only when `master_instance_charge_type` is set to `PrePaid`. Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60. Default value: 1.	1
master_auto_renew	boolean	No	Specifies whether to enable auto-renewal for master nodes. This parameter takes effect only when `master_instance_charge_type` is set to `PrePaid`. Valid values: `true`: enables auto-renewal. `false`: disables auto-renewal. Default value: `true`	true
master_auto_renew_period	long	No	The cycle of auto-renewal. This parameter takes effect and is required only if the subscription billing method is selected for master nodes. Valid values: 1, 2, 3, 6, and 12. Default value: 1.	1
num_of_nodes`deprecated`	long	No	The number of worker nodes. Valid values: 0 to 100.	3
vswitch_ids	array	No	The vSwitches that are specified for nodes in the cluster. This parameter is required if you create an ACK managed cluster that does not contain nodes.
	string	No	The vSwitches that are specified for nodes in the cluster. This parameter is required if you create an ACK managed cluster that does not contain nodes.	vsw-2ze3ds0mdip0hdz8i****
worker_vswitch_ids`deprecated`	array	No	The vSwitches that are specified for worker nodes. Each worker node is allocated a vSwitch. `worker_vswitch_ids` is optional but `vswitch_ids` is required if you create an ACK managed cluster that does not contain nodes.
	string	No	The list of vSwitches that are specified for worker nodes. You can specify 1 to 20 vSwitches. We recommend that you select vSwitches in different zones to ensure high availability. `worker_vswitch_ids` is optional but `vswitch_ids` is required if you create an ACK managed cluster that does not contain nodes.	vsw-2ze3ds0mdip0hdz8i****
worker_instance_types`deprecated`	array	No	The instance configurations of worker nodes.
	string	No	The instance types of a worker node. You must specify at least one instance type. For more information, see Overview of instance families. Note The instance types are listed in descending order of priority. If the system fails to create worker nodes with the instance type of the highest priority, the system attempts to create worker nodes with the instance type of the next highest priority.	ecs.n4.large
worker_system_disk_category`deprecated`	string	No	The system disk category of worker nodes. For more information, see Elastic Block Storage devices. Valid values: `cloud_efficiency`: ultra disk. `cloud_ssd`: standard SSD. Default value: `cloud_ssd`.	cloud_efficiency
worker_system_disk_size`deprecated`	long	No	The system disk size of worker nodes. Unit: GiB. Valid values: 40 to 500. The value of this parameter must be at least 40 and greater than or equal to the image size. Default value: `120`.	120
worker_system_disk_snapshot_policy_id`deprecated`	string	No	The ID of the automatic snapshot policy that is used by the system disk specified for worker nodes.	sp-2zej1nogjvovnz4z****
worker_system_disk_performance_level`deprecated`	string	No	If the system disk is an ESSD, you can specify the PL of the ESSD. For more information, see Enterprise SSDs. Valid values: PL0 PL1 PL2 PL3	PL1
worker_data_disks`deprecated`	array<object>	No	The configurations of the data disks that you want to mount to worker nodes. The configurations include the disk type and disk size.
	object	No	The configurations of data disks.
category	string	Yes	The data disk type.	cloud_essd
encrypted	string	No	Specifies whether to encrypt the data disks. Valid values: `true`: encrypts the data disk. `false`: does not encrypt the data disk. Default value: `false`	true
size	string	Yes	The data disk size. Valid values: 40 to 32767. Unit: GiB.	120
performance_level	string	No	The PL of the data disk. This parameter takes effect only for ESSDs. You can specify a higher PL if you increase the size of a data disk. For more information, see Enterprise SSDs.	PL1
worker_instance_charge_type`deprecated`	string	No	The billing method of worker nodes. Valid values: `PrePaid`: subscription. `PostPaid`: pay-as-you-go. Default value: PostPaid.	PrePaid
worker_period_unit`deprecated`	string	No	The billing cycle of worker nodes. This parameter is required if worker_instance_charge_type is set to `PrePaid`. Valid value: `Month`, which indicates that worker nodes are billed only on a monthly basis.	Month
worker_period`deprecated`	long	No	The subscription duration of worker nodes. This parameter takes effect and is required only when `worker_instance_charge_type` is set to `PrePaid`. Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60. Default value: 1.	1
worker_auto_renew`deprecated`	boolean	No	Specifies whether to enable auto renewal for worker nodes. This parameter takes effect and is required only when `worker_instance_charge_type` is set to `PrePaid`. Valid values: `true`: enables auto-renewal. `false`: disables auto-renewal Default value: `true`	true
worker_auto_renew_period`deprecated`	long	No	The cycle of auto-renewal. This parameter takes effect and is required only if the subscription billing method is selected for worker nodes. Valid values: 1, 2, 3, 6, and 12.	1
instances	array	No	The existing Elastic Compute Service (ECS) instances that are specified as worker nodes for the cluster. Note This parameter is required if you create worker nodes on existing ECS instances.
	string	No	The existing ECS instances that are specified as worker nodes for the cluster. Note This parameter is required if you create worker nodes on existing ECS instances.	i-2ze4zxnm36vq00xn****
format_disk	boolean	No	Specifies whether to mount a data disk to a node that is created based on an existing ECS instance. Valid values: `true`: stores the data of containers and images on a data disk. The existing data stored in the data disk is lost. Back up the existing data first. `false`: does not store the data of containers and images on a data disk. Default value: `false` How data disks are mounted: If an ECS instance has data disks mounted and the file system of the last data disk is not initialized, the system automatically formats the data disk to ext4. Then, the system mounts the data disk to /var/lib/docker and /var/lib/kubelet. If no data disk is mounted to the ECS instance, the system does not purchase a new data disk.	false
keep_instance_name	boolean	No	Specifies whether to retain the names of existing ECS instances that are used in the cluster. Valid values: `true`: retains the names. `false`: does not retain the names. The system assigns new names. Default value: `true`	true
service_discovery_types	array	No	The methods for implementing service discovery in `ACK Serverless` clusters. `CoreDNS`: a standard service discovery plug-in that is provided by open source Kubernetes. To use DNS resolution, you must provision pods. By default, two elastic container instances are used. The specification of each instance is 0.25 vCPUs and 512 MiB of memory. `PrivateZone`: a DNS resolution service provided by Alibaba Cloud. You must activate Alibaba Cloud DNS PrivateZone before you can use it for service discovery. By default, this parameter is not specified.
	string	No	The methods for implementing service discovery in `ACK Serverless` clusters. `CoreDNS`: a standard service discovery plug-in that is provided by open source Kubernetes. To use DNS resolution, you must provision pods. By default, two elastic container instances are used. The specification of each instance is 0.25 vCPUs and 512 MiB of memory. `PrivateZone`: a DNS resolution service provided by Alibaba Cloud. You must activate Alibaba Cloud DNS PrivateZone before you can use it for service discovery. By default, this parameter is not specified.	PrivateZone
nat_gateway	boolean	No	This parameter is deprecated. Use `snat_entry` instead.	true
zone_id`deprecated`	string	No	This parameter is deprecated. Use `zone_ids` instead. The ID of the zone to which the cluster belongs. This parameter is specific to ACK managed clusters. When you create an ACK managed cluster, you must set the `zone_id` parameter if `vpc_id` and `vswitch_ids` are not specified. This way, the system automatically creates a VPC in the specified zone. This parameter is invalid if you specify the `vpc_id` and `vswitch_ids` parameters.	cn-beiji****
zone_ids	array	No	The IDs of the zone in which the cluster is deployed. This parameter is specific to ACK managed clusters. When you create an ACK managed cluster, you must set the `zone_id` parameter if `vpc_id` and `vswitch_ids` are not specified. This way, the system automatically creates a VPC in the specified zone. This parameter is invalid if you specify the `vpc_id` and `vswitch_ids` parameters.
	string	No	The ID of the zone in which the cluster is deployed. A vSwitch is automatically created in this zone.	cn-beijing-h
profile	string	No	If you set `cluster_type` to `ManagedKubernetes`, an ACK managed cluster is created. In this case, you can further specify the cluster edition. Valid values: `Default`. an ACK managed cluster. ACK managed clusters include ACK Basic clusters and ACK Pro clusters. `Edge`: an ACK Edge cluster. ACK Edge clusters include ACK Edge Basic clusters and ACK Edge Pro clusters. `Serverless`: an ACK Serverless cluster. ACK Serverless clusters include ACK Serverless Basic clusters and ACK Serverless Pro clusters. `Lingjun`: an ACK Lingjun Pro cluster.	Default
logging_type	string	No	Enables Simple Log Service for the cluster. This parameter takes effect only for ACK Serverless clusters. Valid value: `SLS`.	SLS
controlplane_log_ttl	string	No	The retention period of control plane logs in days.	30
controlplane_log_project	string	No	The Simple Log Service project that is used to store the logs of control plane components. You can use an existing project or create one. If you choose to create a Simple Log Service project, the created project is named in the `k8s-log-{ClusterID}` format.	k8s-log-xxx
controlplane_log_components	array	No	The control plane component for which you want to enable log collection. By default, the log of kube-apiserver, kube-controller-manager, and kube-scheduler is collected.
	string	No	The control plane component for which you want to enable log collection. By default, the log of kube-apiserver, kube-controller-manager, and kube-scheduler is collected.	["apiserver","kcm","scheduler"]
deletion_protection	boolean	No	Specifies whether to enable cluster deletion protection. If this option is enabled, the cluster cannot be deleted in the console or by calling API operations. Valid values: `true`: The cluster cannot be deleted in the Container Service console or by calling API operations. `false`: The cluster can be deleted in the Container Service console or by calling API operations. Default value: `false`	true
disable_rollback`deprecated`	boolean	No	Specifies whether to perform a rollback if the cluster fails to be created. Valid values: `true`: performs a rollback when the cluster fails to be created. `false`: does not perform a rollback when the cluster fails to be created. Default value: `true`	true
timeout_mins	long	No	Specifies the timeout period of cluster creation. Unit: minutes. Default value: `60`.	60
image_type	string	No	The type of OS distribution that you want to use. To specify the node OS, we recommend that you use this parameter. Valid values: CentOS AliyunLinux AliyunLinux Qboot AliyunLinuxUEFI AliyunLinux3 Windows WindowsCore AliyunLinux3Arm64 ContainerOS Default value: `CentOS`.	AliyunLinux
load_balancer_spec	string	No	The specification of the Server Load Balancer (SLB) instance. Valid values: slb.s1.small slb.s2.small slb.s2.medium slb.s3.small slb.s3.medium slb.s3.large Default value: `slb.s2.small`.	slb.s2.small
enable_rrsa	boolean	No	Specifies whether to enable the Resource Access Management (RAM) Roles for Service Accounts (RRSA) feature.	true
resource_group_id	string	No	The ID of the resource group to which the cluster belongs. You can use resource groups to isolate clusters.	rg-acfm3mkrure****
charge_type	string	No	The billing method of the resource. The following resources are billed on a subscription basis: The internal-facing SLB instance used by the API server. Valid values: PrePaid: subscription PostPaid: pay-as-you-go Default value: PostPaid. This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation.	1
period_unit	string	No	The billing cycle. This parameter is required if charge_type is set to PrePaid. Valid value: Month, which indicates that resources are billed only on a monthly basis. This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation.	Month
period	long	No	The subscription duration of the instance. This parameter takes effect and is required only when you set charge_type to PrePaid. Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60. Default value: 1. This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation.	FY2023
auto_renew	boolean	No	Specifies whether to enable auto-renewal. This parameter takes effect only when `charge_type` is set to `PrePaid`. Valid values: `true`: enables auto-renewal. `false`: disables auto-renewal. Default value: `false` This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation.	true
auto_renew_period	long	No	The auto-renewal duration. This parameter takes effect only if charge_type is set to PrePaid and auto_renew is set to true. If you set `period_unit` to Month, the valid values of auto_renew_period are 1, 2, 3, 6, and 12. Default value: 1. This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation.	1
ip_stack	string	No	The IP stack of the cluster.	Optional value: ipv4 (Single stack) or ipv6 (Dual Stack) Default value: IPV4
access_control_list	array	No	The ACL rule of the SLB instance associated with the API server if the cluster is a registered cluster.
	string	No	The ACL rule of the SLB instance associated with the API server if the cluster is a registered cluster.	192.168.1.0/24
nodepools	array	No	The list of node pools.
	nodepool	No	The node pool configurations.
load_balancer_id	string	No	Specifies the ID of the CLB instance for accessing the API server. If this parameter is specified, the system does not automatically create a CLB instance for the API server.	lb-wz9t256gqa3vbouk****
maintenance_window	maintenance_window	No	Cluster maintenance window.
operation_policy	object	No	Cluster auto operation and maintenance policy.
cluster_auto_upgrade	object	No	Automatic cluster upgrade
enabled	boolean	No	Whether to enable automatic cluster upgrades.	true
channel	string	No	Cluster auto-upgrade frequency. Possible values: patch stable rapid	patch

Response parameters

Parameter	Type	Description	Example
	object	The returned data.
cluster_id	string	The ID of the cluster.	cb95aa626a47740afbf6aa099b650****
request_id	string	The request ID.	687C5BAA-D103-4993-884B-C35E4314A1E1
task_id	string	The task ID.	T-5a54309c80282e39ea00002f

Examples

Sample success responses

JSONformat

{
  "cluster_id": "cb95aa626a47740afbf6aa099b650****",
  "request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1",
  "task_id": "T-5a54309c80282e39ea00002f"
}

Examples

Sample success responses

JSONformat

{
    "cluster_id": "cb95aa626a47740afbf6aa099b650****",
    "task_id": "T-5a54309c80282e39ea00002f",
    "request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1"
}

XMLformat

<cluster_id>cb95aa626a47740afbf6aa099b650****</cluster_id>
<task_id>T-5a54309c80282e39ea00002f</task_id>
<request_id>687C5BAA-D103-4993-884B-C35E4314A1E1</request_id>

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation
2024-10-15	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-09-13	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-09-11	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-09-04	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-04-22	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-04-19	The internal configuration of the API is changed, but the call is not affected	View Change Details
2023-08-21	The internal configuration of the API is changed, but the call is not affected	View Change Details
2023-08-08	The internal configuration of the API is changed, but the call is not affected	View Change Details
2022-09-23	The internal configuration of the API is changed, but the call is not affected	View Change Details
2022-08-02	The internal configuration of the API is changed, but the call is not affected	View Change Details
2021-11-24	The internal configuration of the API is changed, but the call is not affected	View Change Details