CreateCluster - Container Service for Kubernetes - Alibaba Cloud Documentation Center

This topic is generated by a machine translation engine without any human intervention. ALIBABA CLOUD DOES NOT GUARANTEE THE ACCURACY OF MACHINE TRANSLATED CONTENT. To request a human-translated version of this topic or provide feedback on this translation, please include it in the feedback form.

Creates a Container Service for Kubernetes (ACK) cluster. For example, you can create an ACK managed cluster, ACK Serverless cluster, ACK Edge cluster, or registered cluster. When you create an ACK cluster, you need to configure the cluster information, components, and cloud resources used by ACK.

Operation description

Generate API request parameters in the ACK console

When you fail to create an ACK cluster by calling the CreateCluster operation due to invalid parameter settings, you can generate valid API request parameters in the ACK console. Procedure:

Log on to the ACK console. In the left-side navigation pane, click Clusters.
On the Cluster page, click Cluster Templates.
In the Select Cluster Template dialog box, select the type of cluster that you want to create and click Create. Then, configure the cluster setting parameters.
After you configure the cluster parameters, click Generate API Request Parameters in the Confirm Order step.

The API request parameters are displayed in the API Request Parameters dialog box.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- For mandatory resource types, indicate with a prefix of * .
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation

Operation	Access level	Resource type	Condition key	Associated operation
cs:CreateCluster	create	Cluster `acs:cs:{#regionId}:{#accountId}:cluster/`	cs:ClusterType cs:ClusterSpec cs:ClusterProfile cs:EnableSecretEncryption cs:EnableApiServerEip cs:EnableAddonLogtailDs cs:EnableCoreControlPlaneComponentsLog cs:AddonNames	none

Request syntax

            
POST /clusters HTTP/1.1

Request parameters

Parameter	Type	Required	Description	Example

Parameter	Type	Required	Description	Example
body	object	No	The request body.
name	string	Yes	The cluster name. The name must be 1 to 63 characters in length, and can contain digits, letters, and hyphens (-). The name cannot start with a hyphen (-).	cluster-demo
region_id	string	Yes	The ID of the region in which the cluster is deployed. For more information about the regions supported by ACK, see Regions supported by ACK.	cn-beijing
cluster_type	string	Yes	`Kubernetes`: ACK dedicated cluster. `ManagedKubernetes`: ACK managed cluster. ACK managed clusters include ACK Basic clusters, ACK Pro clusters, ACK Serverless clusters (Basic Edition and Pro Edition), ACK Edge clusters (Basic Edition and Pro Edition), and ACK Lingjun clusters (Pro Edition). `ExternalKubernetes`: registered cluster.	Kubernetes
cluster_spec	string	No	If you set `cluster_type` to `ManagedKubernetes` and specify `profile`, you can further specify the edition of the cluster. Valid values: `ack.pro.small`: Pro Edition. `ack.standard`: Basic Edition. If you leave the parameter empty, an ACK Basic cluster is created.	ack.pro.small
kubernetes_version	string	No	The Kubernetes version of the cluster. The Kubernetes versions supported by ACK are the same as the Kubernetes versions supported by open source Kubernetes. We recommend that you specify the latest Kubernetes version. If you do not specify this parameter, the latest Kubernetes version is used. You can create ACK clusters of the latest three Kubernetes versions in the ACK console. If you want to create clusters that run earlier Kubernetes versions, use the ACK API. For more information about the Kubernetes versions supported by ACK, see Support for Kubernetes versions.	1.16.9-aliyun.1
runtime	runtime	No	The container runtime. The default container runtime is Docker. containerd and Sandboxed-Container are also supported. For more information about how to select a proper container runtime, see Comparison among Docker, containerd, and Sandboxed-Container.
vpcid	string	No	The virtual private cloud (VPC) in which you want to deploy the cluster. This parameter is required.	vpc-2zeik9h3ahvv2zz95****
pod_vswitch_ids	array	No	If you select Terway as the network plug-in, you must allocate vSwitches to pods. For each vSwitch that allocates IP addresses to worker nodes, you must select a vSwitch in the same zone to allocate IP addresses to pods. Note We recommend that you select pod vSwitches whose subnet masks do not exceed 19 bits in length. The maximum subnet mask length of a pod vSwitch is 25 bits. If you select a pod vSwitch whose subnet mask exceeds 25 bits in length, the IP addresses that can be allocated to pods may be insufficient.
	string	No	If you select Terway as the network plug-in, you must allocate vSwitches to pods. For each vSwitch that allocates IP addresses to worker nodes, you must select a vSwitch in the same zone to allocate IP addresses to pods. Note We recommend that you select pod vSwitches whose subnet masks do not exceed 19 bits in length. The maximum subnet mask length of a pod vSwitch is 25 bits. If you select a pod vSwitch whose subnet mask exceeds 25 bits in length, the IP addresses that can be allocated to pods may be insufficient.	vsw-2ze97jwri7cei0mpw****
container_cidr	string	No	The pod CIDR block. You can specify 10.0.0.0/8, 172.16-31.0.0/12-16, 192.168.0.0/16, or their subnets as the pod CIDR block. The pod CIDR block cannot overlap with the CIDR block of the VPC in which the cluster is deployed and the CIDR blocks of existing clusters in the VPC. You cannot modify the pod CIDR block after you create the cluster. For more information about how to plan the network of an ACK cluster, see Plan the network of an ACK cluster. Note This parameter is required if the cluster uses the Flannel plug-in.	172.20.0.0/16
service_cidr	string	Yes	The Service CIDR block. Valid values: 10.0.0.0/16-24, 172.16-31.0.0/16-24, and 192.168.0.0/16-24. The Service CIDR block cannot overlap with the VPC CIDR block (10.1.0.0/21) or the CIDR blocks of existing clusters in the VPC. You cannot modify the Service CIDR block after the cluster is created. By default, the Service CIDR block is set to 172.19.0.0/20.	172.21.0.0/20
security_group_id	string	No	The ID of an existing security group. You must specify this parameter or `is_enterprise_security_group`. Cluster nodes are automatically added to the security group.	sg-bp1bdue0qc1g7k****
is_enterprise_security_group	boolean	No	Specifies whether to create an advanced security group. This parameter takes effect only if `security_group_id` is left empty. Note To use a basic security group, make sure that the sum of the number of nodes in the cluster and the number of pods that use Terway does not exceed 2,000. Therefore, we recommend that you specify an advanced security group for a cluster that uses Terway. `true`: creates an advanced security group. `false`: does not create an advanced security group. Default value: `true`.	true
snat_entry	boolean	No	Specifies whether to configure SNAT rules for the VPC in which your cluster is deployed. Valid values: `true`: automatically creates a NAT gateway and configures SNAT rules. Set the value to `true` if nodes and applications in the cluster need to access the Internet. `false`: does not create a NAT gateway or configure SNAT rules. In this case, nodes and applications in the cluster cannot access the Internet. Note If this feature is disabled when you create the cluster, you can also manually enable this feature after you create the cluster. For more information, see Enable an existing ACK cluster to access the Internet. Default value: `true`.	true
endpoint_public_access	boolean	No	Specifies whether to enable Internet access for the cluster. You can use an elastic IP address (EIP) to expose the API server. This way, you can access the cluster over the Internet. Valid values: `true`: enables Internet access for the cluster. `false`: disables Internet access for the cluster. If you set the value to false, the API server cannot be accessed over the Internet. Default value: `false`.	true
ssh_flags	boolean	No	Specifies whether to enable SSH logon. If this parameter is set to true, you can log on to master nodes in an ACK dedicated cluster over the Internet. This parameter does not take effect for ACK managed clusters. Valid values: `true`: enables SSH logon. `false`: disables SSH logon. Default value: `false`.	true
timezone	string	No	The time zone of the cluster.	Asia/Shanghai
node_cidr_mask	string	No	The maximum number of IP addresses that can be assigned to each node. This number is determined by the subnet mask of the specified CIDR block. This parameter takes effect only if the cluster uses the Flannel plug-in. Default value: `26`.	25
user_ca	string	No	The custom Certificate Authority (CA) certificate used by the cluster.	-----BEGIN CERTIFICATE-----****
user_data	string	No	The user data of nodes.	IyEvdXNyL2Jpbi9iYXNoCmVjaG8gIkhlbGxvIEFD****
cluster_domain	string	No	The domain name of the cluster. The domain name can contain one or more parts that are separated by periods (.). Each part cannot exceed 63 characters in length, and can contain lowercase letters, digits, and hyphens (-). Each part must start and end with a lowercase letter or digit.	cluster.local
node_name_mode`deprecated`	string	No	[Deprecated] When you configure a node pool, use the `node_name_mode` parameter of the `kubernetes_config` field in the `nodepool` section instead. The custom node name. A custom node name consists of a prefix, a node IP address, and a suffix. The prefix and suffix can contain multiple parts that are separated by periods (.). Each part can contain lowercase letters, digits, and hyphens (-), and must start and end with a lowercase letter or digit. The IP substring length specifies the number of digits to be truncated from the end of the node IP address. The IP substring length ranges from 5 to 12. For example, if the node IP address is 192.168.0.55, the prefix is aliyun.com, the IP substring length is 5, and the suffix is test, the node name will aliyun.com00055test.	aliyun.com00055test
custom_san	string	No	The custom subject alternative names (SANs) for the API server certificate to accept requests from specified IP addresses or domain names. Separate multiple IP addresses and domain names with commas (,).	cs.aliyun.com
encryption_provider_key	string	No	The ID of the Key Management Service (KMS) key that is used to encrypt the system disk. For more information, see What is KMS? Note The key can be used only in ACK Pro clusters.	0fe64791-55eb-4fc7-84c5-c6c7cdca****
service_account_issuer	string	No	Service accounts provide identities for pods when pods communicate with the `API server` of the cluster. `service-account-issuer` specifies the issuer of the `serviceaccount token`, which is specified by using the `iss` field in the `token payload`. For more information about `ServiceAccount`, see Enable service account token volume projection.	kubernetes.default.svc
api_audiences	string	No	Service accounts provide identities for pods when pods communicate with the `API server` of the cluster. The `api-audiences` parameter validates `tokens` and is used by the `API server` to check whether the `tokens` of requests are valid. Separate multiple values with commas (,).`` For more information about `service accounts`, see Enable service account token volume projection.	kubernetes.default.svc
image_id`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `image_id` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `image_id` parameter of the `scaling_group` field in the `nodepool` section instead. The custom image for nodes. By default, the image provided by ACK is used. You can select a custom image to replace the default image. For more information, see Use a custom image to create an ACK cluster.	m-bp16z7xko3vvv8gt****
rds_instances`deprecated`	array	No	[Deprecated] When you configure a node pool, use the `rds_instances` parameter of the `scaling_group` field in the `nodepool` section instead. The ApsaraDB RDS instances. The pod CIDR block and node CIDR block are added to the whitelists of the ApsaraDB RDS instances. We recommend that you add the pod CIDR block and node CIDR block to the whitelists of the ApsaraDB RDS instances in the ApsaraDB RDS console. If the RDS instances are not in the Running state, new nodes cannot be added to the cluster.
	string	No	The ApsaraDB RDS instances. The pod CIDR block and node CIDR block are added to the whitelists of the ApsaraDB RDS instances. We recommend that you add the pod CIDR block and node CIDR block to the whitelists of the ApsaraDB RDS instances in the ApsaraDB RDS console. If the RDS instances are not in the Running state, new nodes cannot be added to the cluster.	rm-2zev748xi27xc****
tags	array	No	The labels that you want to add to nodes. You must add labels based on the following rules: A label is a case-sensitive key-value pair. You can add up to 20 labels. When you add a label, you must specify a unique key, but you can leave the value empty. A key cannot exceed 64 characters in length, and a value cannot exceed 128 characters in length. Keys and values cannot start with aliyun, acs:, https://, or http://. For more information, see Labels and Selectors.
	tag	No	The node label. You must add the label based on the following rules: A label is a case-sensitive key-value pair. You can add up to 20 labels. When you add a label, you must specify a unique key, but you can leave the value empty. A key cannot exceed 64 characters in length, and a value cannot exceed 128 characters in length. Keys and values cannot start with aliyun, acs:, https://, or http://. For more information, see Labels and Selectors.
addons	array	No	The components that you want to install in the cluster. When you create a cluster, you can configure the `addons` parameter to specify the components that you want to install. Network plug-in: required. The Flannel and Terway plug-ins are supported. Select one of the plug-ins for the cluster. If you want to use the Terway component, specify the network plug-in in the [{"name":"flannel","config":""}] format. If you want to use the Terway component, specify the value network plug-in in the [{"name": "terway-eniip","Config": ""}] format. Volume plug-in: optional. Only the `Container Storage Interface (CSI)` plug-in is supported. Specify the `CSI` plug-in in the following format: [{"name":"csi-plugin","config": ""},{"name": "csi-provisioner","config": ""}]. Simple Log Service component: optional. We recommend that you enable Simple Log Service. If Simple Log Service is disabled, you cannot use the cluster auditing feature. Specify an existing `Simple Log Service project` in the following format: [{"name": "logtail-ds","config": "{"IngressDashboardEnabled":"true","sls_project_name":"your_sls_project_name"}"}]. To create a `Simple Log Service project`, specify the component in the following format: [{"name": "logtail-ds","config": "{"IngressDashboardEnabled":"true"}"}]. Ingress controller: optional. By default, the `nginx-ingress-controller` component is installed in ACK dedicated clusters. To install nginx-ingress-controller and enable Internet access, specify the Ingress controller in the following format: [{"name":"nginx-ingress-controller","config":"{"IngressSlbNetworkType":"internet"}"}]. To disable the automatic installation of nginx-ingress-controller, specify the Ingress controller in the following format: [{"name": "nginx-ingress-controller","config": "","disabled": true}]. Event center: optional. By default, the event center feature is enabled. You can use ACK event centers to store and query events and configure alerts. You can use the Logstores that are associated with ACK event centers free of charge within 90 days. For more information, see Create and use an event center. To enable the event center feature, specify the event center component in the following format: [{"name":"ack-node-problem-detector","config":"{"sls_project_name":"your_sls_project_name"}"}].
	addon	No	The components that you want to install in the cluster. When you create a cluster, you can configure the `addons` parameter to specify the components that you want to install.
taints`deprecated`	array	No	[Deprecated] When you configure a node pool, use the `taints` parameter of the `kubernetes_config` field in the `nodepool` section instead. The taints that you want to add to nodes. Taints can be used together with tolerations to avoid scheduling pods to specific nodes. For more information, see taint-and-toleration.
	taint	No	The taint. Taints can be used together with tolerations to avoid scheduling pods to specified nodes. For more information, see taint-and-toleration.
cloud_monitor_flags`deprecated`	boolean	No	[Deprecated] When you configure the control plane, use the `cloud_monitor_flags` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `cms_enabled` parameter of the `kubernetes_config` field in the nodepool section instead. Specifies whether to install the CloudMonitor agent. Valid values: `true`: installs the CloudMonitor agent. `false`: does not install the CloudMonitor agent. Default value: `false`.	true
platform`deprecated`	string	No	[Deprecated] When you configure a node pool, use the `platform` parameter of the `scaling_group` field in the `nodepool` section instead. The OS distribution that is used. Valid values: CentOS AliyunLinux QbootAliyunLinux Qboot Windows WindowsCore Default value: `CentOS`.	CentOS
os_type`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `image_type` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `image_type` parameter of the `scaling_group` field in the `nodepool` section instead. The type of OS. Valid values: Windows Linux Default value: `Linux`.	Linux
soc_enabled`deprecated`	boolean	No	[Deprecated] When you configure the control plane, use the `soc_enabled` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `soc_enabled` parameter of the `scaling_group` field in the `nodepool` section instead. Specifies whether to enable Multi-Level Protection Scheme (MLPS) security hardening. For more information, see ACK security hardening based on MLPS. Valid values: `true`: enables MLPS security hardening. `false`: disables MLPS security hardening. Default value: `false`.	false
security_hardening_os`deprecated`	boolean	No	[Deprecated] When you configure the control plane, use the `security_hardening_os` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `security_hardening_os` parameter of the `scaling_group` field in the `nodepool` section instead. Specifies whether to enable Alibaba Cloud Linux Security Hardening. Valid values: `true`: enables Alibaba Cloud Linux Security Hardening. `false`: disables Alibaba Cloud Linux Security Hardening. Default value: `false`.	false
cis_enabled`deprecated`	boolean	No	[Deprecated] When you configure the control plane, use the `security_hardening_os` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `security_hardening_os` parameter of the `scaling_group` field in the `nodepool` section instead.	false
cpu_policy`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `cpu_policy` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `cpu_policy` parameter of the `kubernetes_config` field in the `nodepool` section instead. The CPU management policy of the node. The following policies are supported if the Kubernetes version of the cluster is 1.12.6 or later: `static`: allows pods with specific resource characteristics on the node to be granted enhanced CPU affinity and exclusivity. `none`: specifies that the default CPU affinity is used. Default value: `none`.	none
proxy_mode	string	No	The kube-proxy mode. Valid values: `iptables`: a mature and stable mode that uses iptables rules to conduct service discovery and load balancing. The performance of this mode is limited by the size of the cluster. This mode is suitable for clusters that run a small number of Services. `ipvs`: a mode that provides high performance and uses IP Virtual Server (IPVS) to conduct service discovery and load balancing. This mode is suitable for clusters that run a large number of Services. We recommend that you use this mode in scenarios that require high-performance load balancing. Default value: `ipvs`.	ipvs
node_port_range	string	No	The node port range. Valid values: 30000 to 65535. Default value: `30000-32767`.	30000~32767
master_vswitch_ids`deprecated`	array	No	[Deprecated] Use the `vswitch_ids` parameter instead. The IDs of the vSwitches that are specified for master nodes. You can specify up to three vSwitches. We recommend that you specify three vSwitches in different zones to ensure high availability. The number of vSwitches must be the same as the value of the `master_count` parameter and also the same as the number of vSwitches specified in the `master_vswitch_ids` parameter.
	string	No	The IDs of the vSwitches that are specified for master nodes. You can specify up to three vSwitches. We recommend that you specify three vSwitches in different zones to ensure high availability. The number of vSwitches must be the same as the value of the `master_count` parameter and also the same as the number of vSwitches specified in the `master_vswitch_ids` parameter.	vsw-2ze3ds0mdip0hdz8i****
key_pair`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `key_pair` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `key_pair` parameter of the `scaling_group` field in the `nodepool` section instead. The name of the key pair. You must configure this parameter or `login_password`.	secrity-key
login_password`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `login_password` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `login_password` parameter of the `scaling_group` field in the `nodepool` section instead. The password for SSH logon. You must set this parameter or `key_pair`. The password must be 8 to 30 characters in length, and must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.	Hello@1234
master_count`deprecated`	long	No	[Deprecated] When you configure the control plane, use the `size` parameter in the `control_plane_config` section instead. The number of master nodes. Valid values: `3` and `5`. Default value: `3`.	3
master_instance_types`deprecated`	array	No	[Deprecated] When you configure the control plane, use the `instance_types` parameter in the `control_plane_config` section instead. The instance types of master nodes. For more information, see Overview of instance families.
	string	No	The instance types of master nodes. The number of instance types must be the same as the value of the `master_count` parameter and also the same as the number of instance types specified in the `master_instance_types` parameter. For more information, see Instance families.	ecs.n4.xlarge
master_system_disk_category`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `system_disk_category` parameter in the `control_plane_config` section instead. The system disk category of master nodes. Valid values: `cloud_efficiency`: ultra disk. `cloud_ssd`: standard SSD. `cloud_essd`: Enterprise SSD (ESSD). Default value: `cloud_ssd`. The default value may vary in different zones.	cloud_ssd
master_system_disk_size`deprecated`	long	No	[Deprecated] When you configure the control plane, use the `system_disk_disk` parameter in the `control_plane_config` section instead. The system disk size of master nodes. Valid values: 40 to 500. Unit: GiB. Default value: `120`.	120
master_system_disk_performance_level`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `system_disk_performance_level` parameter in the `control_plane_config` section instead. The performance level (PL) of the system disk that you want to use for master nodes. This parameter takes effect only for ESSDs. For more information about the relationship between disk PLs and disk sizes, see ESSDs .	PL1
master_system_disk_snapshot_policy_id`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `system_disk_snapshot_policy_id` parameter in the `control_plane_config` section instead. The ID of the automatic snapshot policy that is used by the system disk specified for master nodes.	sp-2zej1nogjvovnz4z****
master_instance_charge_type`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `instance_charge_type` parameter in the `control_plane_config` section instead. The billing method of master nodes. Valid values: `PrePaid`: subscription. `PostPaid`: pay-as-you-go. Default value: `PostPaid`.	PrePaid
master_period_unit`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `period_unit` parameter in the `control_plane_config` section instead. The billing cycle of the master nodes in the cluster. This parameter is required if master_instance_charge_type is set to `PrePaid`. Valid value: `Month`, which indicates that master nodes are billed only on a monthly basis.	Month
master_period`deprecated`	long	No	[Deprecated] When you configure the control plane, use the `unit` parameter in the `control_plane_config` section instead. The subscription duration of master nodes. This parameter takes effect and is required only when `master_instance_charge_type` is set to `PrePaid`. Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60. Default value: 1.	1
master_auto_renew`deprecated`	boolean	No	[Deprecated] When you configure the control plane, use the `auto-renew` parameter in the `control_plane_config` section instead. Specifies whether to enable auto-renewal for master nodes. This parameter takes effect only when `master_instance_charge_type` is set to `PrePaid`. Valid values: `true`: enables auto-renewal. `false`: disables auto-renewal. Default value: `true`.	true
master_auto_renew_period`deprecated`	long	No	[Deprecated] When you configure the control plane, use the `auto-renew_period` parameter in the `control_plane_config` section instead. The auto-renewal duration. This parameter takes effect and is required only when the subscription billing method is selected for master nodes. Valid values: 1, 2, 3, 6, and 12. Default value: 1.	1
num_of_nodes`deprecated`	long	No	[Deprecated] When you configure a node pool, use the `desired_size` parameter of the `scaling_group` field in the `nodepool` section instead. The number of worker nodes. Valid values: 0 to 100.	3
vswitch_ids	array	No	The vSwitches for nodes in the cluster. This parameter is required if you create an ACK managed cluster that does not contain nodes.
	string	No	The vSwitch for nodes in the cluster. This parameter is required if you create an ACK managed cluster that does not contain nodes.	vsw-2ze3ds0mdip0hdz8i****
worker_vswitch_ids`deprecated`	array	No	[Deprecated] When you configure a node pool, use the `vswitch_ids` parameter of the `scaling_group` field in the `nodepool` section instead. The vSwitches for worker nodes. Each worker node is allocated a vSwitch. `worker_vswitch_ids` is optional, but `vswitch_ids` is required if you create an ACK managed cluster that does not contain nodes.
	string	No	The vSwitches for worker nodes. You can specify 1 to 20 vSwitches. We recommend that you select vSwitches in different zones to ensure high availability. `worker_vswitch_ids` is optional but `vswitch_ids` is required if you create an ACK managed cluster that does not contain nodes.	vsw-2ze3ds0mdip0hdz8i****
worker_instance_types`deprecated`	array	No	[Deprecated] When you configure a node pool, use the `instance_types` parameter of the `scaling_group` field in the `nodepool` section instead. The instance configurations of worker nodes.
	string	No	The instance types of worker nodes. You must specify at least one instance type. For more information, see Overview of instance families. Note The instance types are listed in descending order of priority. If the system fails to create worker nodes with the instance type of the highest priority, the system attempts to create worker nodes with the instance type of the next highest priority.	ecs.n4.large
worker_system_disk_category`deprecated`	string	No	[Deprecated] When you configure a node pool, use the `system_disk_category` parameter of the `scaling_group` field in the `nodepool` section instead. The system disk category of worker nodes. For more information, see Elastic Block Storage devices. Valid values: `cloud_efficiency`: ultra disk. `cloud_ssd`: standard SSD. Default value: `cloud_ssd`.	cloud_efficiency
worker_system_disk_size`deprecated`	long	No	[Deprecated] When you configure a node pool, use the `system_disk_size` parameter of the `scaling_group` field in the `nodepool` section instead. The system disk size of worker nodes. Unit: GiB. Valid values: 40 to 500. The value of this parameter must be at least 40 and greater than or equal to the image size. Default value: `120`.	120
worker_system_disk_snapshot_policy_id`deprecated`	string	No	[Deprecated] When you configure a node pool, use the `system_disk_snapshot_policy_id` parameter of the `scaling_group` field in the `nodepool` section instead. The ID of the automatic snapshot policy that is used by the system disk specified for worker nodes.	sp-2zej1nogjvovnz4z****
worker_system_disk_performance_level`deprecated`	string	No	[Deprecated] When you configure a node pool, use the `system_disk_performance_level` parameter of the `scaling_group` field in the `nodepool` section instead. If the system disk is an ESSD, you can specify the PL of the ESSD. For more information, see Enterprise SSDs. Valid values: PL0 PL1 PL2 PL3	PL1
worker_data_disks`deprecated`	array<object>	No	[Deprecated] When you configure a node pool, use the `data_disks` parameter of the `scaling_group` field in the `nodepool` section instead. The configurations of the data disks that you want to mount to worker nodes. The configurations include the disk category and disk size.
	object	No	The configurations of data disks.
category	string	Yes	The data disk category.	cloud_essd
encrypted	string	No	Specifies whether to encrypt the data disk. Valid values: `true`: encrypts the data disk. `false`: does not encrypt the data disk. Default value: `false`.	true
size	string	Yes	The data disk size. Valid values: 40 to 32767. Unit: GiB.	120
performance_level	string	No	The PL of the data disk. This parameter takes effect only for ESSDs. You can specify a higher PL if you increase the size of a data disk. For more information, see Enterprise SSDs.	PL1
worker_instance_charge_type`deprecated`	string	No	[Deprecated] When you configure a node pool, use the `instance_charge_type` parameter of the `scaling_group` field in the `nodepool` section instead. The billing method of worker nodes. Valid values: `PrePaid`: subscription. `PostPaid`: pay-as-you-go. Default value: PostPaid.	PrePaid
worker_period_unit`deprecated`	string	No	[Deprecated] When you configure a node pool, use the `period_unit` parameter of the `scaling_group` field in the `nodepool` section instead. The billing cycle of worker nodes. This parameter is required if worker_instance_charge_type is set to `PrePaid`. Valid value: `Month`, which indicates that worker nodes are billed only on a monthly basis.	Month
worker_period`deprecated`	long	No	[Deprecated] When you configure a node pool, use the `period` parameter of the `scaling_group` field in the `nodepool` section instead. The subscription duration of worker nodes. This parameter takes effect and is required only when `worker_instance_charge_type` is set to `PrePaid`. Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60. Default value: 1.	1
worker_auto_renew`deprecated`	boolean	No	[Deprecated] When you configure a node pool, use the `auto_renew` parameter of the `scaling_group` field in the `nodepool` section instead. Specifies whether to enable auto-renewal for worker nodes. This parameter takes effect and is required only when `worker_instance_charge_type` is set to `PrePaid`. Valid values: `true`: enables auto-renewal. `false`: disables auto-renewal. Default value: `true`.	true
worker_auto_renew_period`deprecated`	long	No	[Deprecated] When you configure a node pool, use the `auto_renew_period` parameter of the `scaling_group` field in the `nodepool` section instead. The auto-renewal duration of worker nodes. This parameter takes effect and is required only if the subscription billing method is selected for worker nodes. Valid values: 1, 2, 3, 6, and 12.	1
instances`deprecated`	array	No	[Deprecated] When you configure a node pool, you cannot add existing nodes to the cluster. If you want to add existing nodes, you must first create a node pool and then call the AttachInstancesToNodePool operation. The existing ECS instances that are specified as worker nodes for the cluster. Note This parameter is required if you create worker nodes on existing ECS instances.
	string	No	The existing ECS instances that are specified as worker nodes for the cluster. Note This parameter is required if you create worker nodes on existing ECS instances.	i-2ze4zxnm36vq00xn****
format_disk`deprecated`	boolean	No	[Deprecated] When you configure a node pool, you cannot add existing nodes to the cluster. If you want to add existing nodes, you must first create a node pool and then call the AttachInstancesToNodePool operation. Specifies whether to mount a data disk to a node that is created based on an existing ECS instance. Valid values: `true`: stores the data of containers and images on a data disk. The existing data stored in the data disk is lost. Back up the existing data first. `false`: does not store the data of containers and images on a data disk. Default value: `false`. How data disks are mounted: If an ECS instance has data disks mounted and the file system of the last data disk is not initialized, the system automatically formats the data disk to ext4. Then, the system mounts the data disk to /var/lib/docker and /var/lib/kubelet. If no data disk is mounted to the ECS instance, the system does not purchase a new data disk.	false
keep_instance_name`deprecated`	boolean	No	[Deprecated] When you configure a node pool, you cannot add existing nodes to the cluster. If you want to add existing nodes, you must first create a node pool and then call the AttachInstancesToNodePool operation. Specifies whether to retain the names of existing ECS instances that are used in the cluster. Valid values: `true`: retains the names. `false`: does not retain the names. The system assigns new names. Default value: `true`.	true
service_discovery_types	array	No	The methods for implementing service discovery in `ACK Serverless` clusters. `CoreDNS`: a standard service discovery plug-in that is provided by open source Kubernetes. To use DNS resolution, you must provision pods. By default, two elastic container instances are used. The specification of each instance is 0.25 vCores and 512 MiB of memory. `PrivateZone`: a DNS resolution service provided by Alibaba Cloud. You must activate Alibaba Cloud DNS PrivateZone before you can use it for service discovery. By default, this parameter is not specified.
	string	No	The methods for implementing service discovery in `ACK Serverless` clusters. `CoreDNS`: a standard service discovery plug-in provided by open source Kubernetes. To use DNS resolution, you must provision pods. By default, two elastic container instances are used. The specification of each instance is 0.25 vCores and 512 MiB of memory. `PrivateZone`: a DNS resolution service provided by Alibaba Cloud. You must activate Alibaba Cloud DNS PrivateZone before you can use it for service discovery. By default, this parameter is not specified.	PrivateZone
nat_gateway	boolean	No	[Deprecated] Use the `snat_entry` parameter instead.	true
zone_id`deprecated`	string	No	[Deprecated] Use the `zone_ids` parameter instead. The ID of the zone to which the cluster belongs. This parameter is specific to ACK Serverless clusters. When you create an ACK managed cluster, you must set the `zone_id` parameter if `vpc_id` and `vswitch_ids` are not specified. This way, the system automatically creates a VPC in the specified zone. This parameter is invalid if you specify the `vpc_id` and `vswitch_ids` parameters.	cn-beiji****
profile	string	No	If you set `cluster_type` to `ManagedKubernetes`, an ACK managed cluster is created. In this case, you can further specify the cluster edition. Valid values: `Default`: ACK managed cluster. ACK managed clusters include ACK Basic clusters and ACK Pro clusters. `Edge`: ACK Edge cluster. ACK Edge clusters include ACK Edge Basic clusters and ACK Edge Pro clusters. `Serverless`: ACK Serverless cluster. ACK Serverless clusters include ACK Serverless Basic clusters and ACK Serverless Pro clusters. `Lingjun`: ACK Lingjun Pro cluster.	Default
logging_type	string	No	Enables Simple Log Service for the cluster. This parameter takes effect only for ACK Serverless clusters. Set the value to `SLS`.	SLS
controlplane_log_ttl	string	No	The retention period of control plane logs in days.	30
controlplane_log_project	string	No	The Simple Log Service project that is used to store the logs of control plane components. You can use an existing project or create one. If you choose to create a Simple Log Service project, the created project is named in the `k8s-log-{ClusterID}` format.	k8s-log-xxx
controlplane_log_components	array	No	The control plane components for which you want to enable log collection. By default, the logs of kube-apiserver, kube-controller-manager, and kube-scheduler are collected.
	string	No	The control plane component for which you want to enable log collection. By default, the log of kube-apiserver, kube-controller-manager, and kube-scheduler is collected.	["apiserver","kcm","scheduler"]
deletion_protection	boolean	No	Specifies whether to enable cluster deletion protection. If you enable this option, the cluster cannot be deleted in the console or by calling API operations. Valid values: `true`: enables cluster deletion protection. `false`: disables cluster deletion protection. Default value: `false`.	true
disable_rollback`deprecated`	boolean	No	[Deprecated] By default, the system does not perform a rollback when the cluster fails to be created. You must manually delete the cluster that fails to be created. Specifies whether to perform a rollback when the cluster fails to be created. Valid values: `true`: performs a rollback when the cluster fails to be created. `false`: does not perform a rollback when the cluster fails to be created. Default value: `true`.	true
timeout_mins`deprecated`	long	No	[Deprecated] By default, the system does not perform a rollback when the cluster fails to be created. You must manually delete the cluster that fails to be created. Specifies the timeout period of cluster creation. Unit: minutes. Default value: `60`.	60
image_type`deprecated`	string	No	[Deprecated] When you configure the control plane, use the `image_type` parameter in the `control_plane_config` section instead. When you configure a node pool, use the `image_type` parameter of the `scaling_group` field in the `nodepool` section instead. The type of OS distribution that you want to use. To specify the node OS, we recommend that you use this parameter. Valid values: CentOS AliyunLinux AliyunLinux Qboot AliyunLinuxUEFI AliyunLinux3 Windows WindowsCore AliyunLinux3Arm64 ContainerOS Default value: `CentOS`.	AliyunLinux
load_balancer_spec`deprecated`	string	No	[Deprecated] The pay-as-you-go billing method is used by Classic Load Balancer (CLB) instances. This parameter does not take effect. The specification of the Server Load Balancer (SLB) instance. Valid values: slb.s1.small slb.s2.small slb.s2.medium slb.s3.small slb.s3.medium slb.s3.large Default value: `slb.s2.small`.	slb.s2.small
enable_rrsa	boolean	No	Specifies whether to enable the RAM Roles for Service Accounts (RRSA) feature.	true
resource_group_id	string	No	The ID of the resource group to which the cluster belongs. You can use resource groups to isolate clusters.	rg-acfm3mkrure****
charge_type`deprecated`	string	No	[Deprecated] The billing method of the CLB instance that is used by the API server. Default value: PostPaid. Valid values: PostPaid: pay-as-you-go. PrePaid: subscription. This billing method is not supported by newly created CLB instances. Existing CLB instances are not affected. Note This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation. Starting from December 1, 2024, newly created CLB instances no longer support the subscription billing method, and an instance fee will be charged for newly created CLB instances For more information, see CLB billing adjustments.	1
period_unit`deprecated`	string	No	[Deprecated] The billing cycle. This parameter is required if charge_type is set to PrePaid. Valid value: Month, which indicates that resources are billed only on a monthly basis. This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation.	Month
period`deprecated`	long	No	[Deprecated] The subscription duration. This parameter takes effect and is required only when you set charge_type to PrePaid. Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60. Default value: 1. This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation.	FY2023
auto_renew`deprecated`	boolean	No	[Deprecated] Specifies whether to enable auto-renewal. This parameter takes effect only when `charge_type` is set to `PrePaid`. Valid values: `true`: enables auto-renewal. `false`: disables auto-renewal. Default value: `false`. This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation.	true
auto_renew_period`deprecated`	long	No	[Deprecated] The auto-renewal duration. This parameter takes effect only if charge_type is set to PrePaid and auto_renew is set to true. If you set `period_unit` to Month, the valid values of auto_renew_period are 1, 2, 3, 6, and 12. Default value: 1. This parameter was changed on October 15, 2024. For more information, see Announcement on changes to the parameter behavior of the CreateCluster operation.	1
ip_stack	string	No	The IP stack of the cluster.	Optional value: ipv4 (Single stack) or ipv6 (Dual Stack) Default value: IPV4
access_control_list	array	No	The network access control list (ACL) rule of the SLB instance associated with the API server if the cluster is a registered cluster.
	string	No	The ACL rule of the SLB instance associated with the API server if the cluster is a registered cluster.	192.168.1.0/24
nodepools	array	No	The list of node pools.
	nodepool	No	The node pool configurations.
zone_ids	array	No	The IDs of the zone in which the cluster is deployed. This parameter is specific to ACK managed clusters. When you create an ACK managed cluster, you must set the `zone_id` parameter if `vpc_id` and `vswitch_ids` are not specified. This way, the system automatically creates a VPC in the specified zone. This parameter is invalid if you specify the `vpc_id` and `vswitch_ids` parameters.
	string	No	The ID of the zone in which the cluster is deployed. A vSwitch is automatically created in this zone.	cn-beijing-h
load_balancer_id	string	No	Specifies the ID of the CLB instance for accessing the API server. If this parameter is specified, the system does not automatically create a CLB instance for the API server. Note Make sure that the CLB instance does not have other dependencies, such as listeners and backend servers. You cannot specify shared-resource or Internet-facing CLB instances.	lb-wz9t256gqa3vbouk****
maintenance_window	maintenance_window	No	The configurations of the cluster maintenance window.
operation_policy	object	No	The automatic O&M policy of the cluster.
cluster_auto_upgrade	object	No	The configurations of auto cluster upgrade.
enabled	boolean	No	Specifies whether to enable auto cluster update.	true
channel	string	No	The automatic update frequency. Valid values: patch stable rapid	patch
control_plane_config	object	No	The control plane configurations of an ACK dedicated cluster.
charge_type	string	No	The billing method of the node.	PrePaid
period	long	No	The subscription duration of the node.	1
period_unit	string	No	The unit of the subscription duration of the node.	Month
auto_renew	boolean	No	Specifies whether to enable auto-renewal for the node.	true
auto_renew_period	long	No	The auto-renewal duration for the node.	1
instance_types	array	No	The instance types of the nodes.
	string	No	The instance type of the node.	ecs.g6.large
image_type	string	No	The type of the OS image.	AliyunLinux3
image_id	string	No	The image ID.	aliyun_3_x64_20G_alibase_20240819.vhd
key_pair	string	No	The name of the key pair. You must set this parameter or login_password.	ack
login_password	string	No	The SSH logon password. The password must be 8 to 30 characters in length and contain a minimum of three of the following character types: uppercase letters, lowercase letters, digits, and special characters. You must set this parameter or key_pair.	ack@Test
system_disk_category	string	No	The system disk category for the node.	cloud_essd
system_disk_size	long	No	The system disk size of the node. The value must be at least 40 GB.	120
system_disk_snapshot_policy_id	string	No	The automatic snapshot policy of the node.	sp-2zej1nogjvovnz4z****
system_disk_performance_level	string	No	The PL of the system disk that you want to use for the node. This parameter takes effect only for ESSDs.	PL1
system_disk_provisioned_iops	long	No	The preset read/write IOPS of the system disk.	1000
system_disk_bursting_enabled	boolean	No	Specifies whether to enable the burst feature for the system disk.	true
deploymentset_id	string	No	The ID of the deployment set.	ds-bp10b35imuam5amw****
cloud_monitor_flags	boolean	No	Specifies whether to install CloudMonitor on the node.	true
soc_enabled	boolean	No	Specifies whether to enable MLPS security hardening.	true
security_hardening_os	boolean	No	Specifies whether to enable Alibaba Cloud Linux Security Hardening.	true
cpu_policy	string	No	The CPU management policy of the node.	none
runtime	string	No	The container runtime.	containerd
node_port_range	string	No	The node port range.	30000-32767
size	long	No	The number of control plane nodes.	3

Response parameters

Parameter	Type	Description	Example

Parameter	Type	Description	Example
	object	The returned data.
cluster_id	string	The ID of the cluster.	cb95aa626a47740afbf6aa099b650****
request_id	string	The request ID.	687C5BAA-D103-4993-884B-C35E4314A1E1
task_id	string	The task ID.	T-5a54309c80282e39ea00002f

Examples

Sample success responses

JSONformat

            
            
          
{
  "cluster_id": "cb95aa626a47740afbf6aa099b650****",
  "request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1",
  "task_id": "T-5a54309c80282e39ea00002f"
}

Examples

Sample success responses

JSONformat

            
            
          
{
    "cluster_id": "cb95aa626a47740afbf6aa099b650****",
    "task_id": "T-5a54309c80282e39ea00002f",
    "request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1"
}

XMLformat

            
<cluster_id>cb95aa626a47740afbf6aa099b650****</cluster_id>
<task_id>T-5a54309c80282e39ea00002f</task_id>
<request_id>687C5BAA-D103-4993-884B-C35E4314A1E1</request_id>

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation

Change time	Summary of changes	Operation
2024-11-19	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-10-15	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-09-13	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-09-11	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-09-04	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-04-22	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-04-19	The internal configuration of the API is changed, but the call is not affected	View Change Details
2023-08-21	The internal configuration of the API is changed, but the call is not affected	View Change Details
2023-08-08	The internal configuration of the API is changed, but the call is not affected	View Change Details
2022-09-23	The internal configuration of the API is changed, but the call is not affected	View Change Details
2022-08-02	The internal configuration of the API is changed, but the call is not affected	View Change Details
2021-11-24	The internal configuration of the API is changed, but the call is not affected	View Change Details

About Alibaba Cloud

Our Global Network

Quick Start

Global Offices

Olympic Games Paris 2024 New

Stade Roland Garros – Glitz from the Past New

Place de la Concorde – “Breaking” the Barriers New

Vaires-sur-Marne Nautical Stadium – Sports with Sustainability New

International Broadcast Center – Images, Sounds, and Data that Captivate Billions New

Customer Success Stories New

Trust Center

Security & Compliance Center

Cloud Compliance Resources

Security Compliance FAQs

Product & Feature Update New

Cloud Forward

Press Room

Alibaba Cloud e-Magazine New

Alibaba Cloud in Analyst Research

Notice

Go Global Service New

Go Global Alliance with Alibaba Cloud

Asia Accelerator Hot

Information Compliance

China Gateway - MLPS 2.0 Compliance New

China Gateway - Networking

China Gateway - Global Application Acceleration New

China Gateway - Security

China Gateway - Data Security New

ICP Support Hot

China Gateway - Omnichannel Data Mid-End New

China Gateway - Organizational Data Mid-End New

China Gateway - Business Mid-End New

China Gateway - AI Service for Conversational Chatbots New

China Gateway - Online Education

China Gateway - Domain Registration

Work at Alibaba Cloud

Experienced Professionals

Students and Graduates

Free Trial

Pricing

Promo Center

Price Reduction

Pay Less and Deploy More

FinOps

Elastic Compute Service (ECS)

Simple Application Server (SAS)

Elastic GPU Service

Elastic Desktop Service (EDS)

Object Storage Service (OSS)

Cloud Enterprise Network (CEN)

Web Application Firewall (WAF)

Domain Names

Container Compute Service (ACS)

Secure Access Service Edge (SASE)

Intelligent Media Services(IMS)

Edge Security Acceleration (ESA)(Original DCDN)

Intelligent Media Management

DingTalk Enterprise

YiDA

Alibaba Cloud Model Studio

Apsara Prime - For Easy Cloud Product Selection

Alibaba Cloud ECS - Cater All Your Cloud Hosting Needs

1TB CDN—Get Free 1 TB Outbound Traffic Plan Now

Security—Under Attack? Get Free Security Support

Short Message Service - Free Testing is Available

Elastic Compute Service (ECS) Hot

CloudBox

Compute Nest

Dedicated Host Hot

ECS Bare Metal Instance

Elastic GPU Service Featured

Simple Application Server (SAS) Hot

Auto Scaling

Cloud Phone Beta

Elastic Desktop Service (EDS) Featured

Batch Compute

Elastic High Performance Computing (E-HPC)

Super Computing Cluster (SCC)

Function Compute (FC)