You can call the CreateCluster operation to create an ACK dedicated cluster that supports sandboxed containers.
Debugging
Request syntax
POST /clusters HTTP/1.1
Content-Type:application/json
{
"addons" : [ {
"name" : "String",
"config" : "String",
"disabled" : Boolean
} ],
"cloud_monitor_flags" : Boolean,
"cluster_type" : "String",
"container_cidr" : "String",
"cpu_policy" : "String",
"deletion_protection" : Boolean,
"disable_rollback" : Boolean,
"endpoint_public_access" : Boolean,
"is_enterprise_security_group" : Boolean,
"key_pair" : "String",
"kubernetes_version" : "String",
"login_password" : "String",
"master_auto_renew" : Boolean,
"master_auto_renew_period" : Long,
"master_count" : Long,
"master_vswitch_ids" : [ "String" ],
"master_instance_types" : [ "String" ],
"master_system_disk_category" : "String",
"master_system_disk_size" : Long,
"master_system_disk_snapshot_policy_id" : "String",
"master_instance_charge_type" : "String",
"master_period_unit" : "String",
"master_period" : Long,
"name" : "String",
"node_cidr_mask" : "String",
"node_port_range" : "String",
"num_of_nodes" : Long,
"pod_vswitch_ids" : [ "String" ],
"proxy_mode" : "String",
"region_id" : "String",
"runtime" : {
"name" : "String",
"version" : "String"
},
"service_cidr" : "String",
"security_group_id" : "String",
"snat_entry" : Boolean,
"ssh_flags" : Boolean,
"tags" : [ {
"key" : "String",
"value" : "String"
} ],
"taints" : [ {
"key" : "String",
"value" : "String",
"effect" : "String"
} ],
"timeout_mins" : Long,
"user_data" : "String",
"vpcid" : "String",
"vswitch_ids" : [ "String" ],
"worker_auto_renew" : Boolean,
"worker_auto_renew_period" : Long,
"worker_data_disks" : [ {
"category" : "String",
"size" : Long,
"encrypted" : "String",
"auto_snapshot_policy_id" : "String"
} ],
"worker_vswitch_ids" : [ "String" ],
"worker_instance_types" : [ "String" ],
"worker_system_disk_category" : "String",
"worker_system_disk_size" : Long,
"worker_instance_charge_type" : "String",
"worker_period_unit" : "String",
"worker_period" : Long,
"zone_id" : "String"
}
Request parameters
Table 1. Request body parameters
Parameter | Type | Required | Example | Description |
addons | Array | Yes | [{"name": "terway-eniip","config": ""}, {"name": "logtail-ds","config": "{\"IngressDashboardEnabled\":\"true\",\"sls_project_name\":\"your_sls_project_name\"}"}, {"name":"nginx-ingress-controller","config":"{\"IngressSlbNetworkType\":\"internet\"}"}] | The list of plug-ins to be installed.
|
cloud_monitor_flags | Boolean | No | true | Specifies whether to install the CloudMonitor agent. Valid values:
Default value: |
cluster_type | String | Yes | Kubernetes | The type of the cluster. Set the value to |
container_cidr | String | No | 172.20.0.0/16 | The CIDR block of pods. This CIDR block cannot overlap with the CIDR block of the virtual private cloud (VPC) in which the cluster is deployed. If the VPC is automatically created by the system, the default CIDR block of pods is 172.16.0.0/16. This parameter is required if the cluster uses Flannel as the network plug-in. |
cpu_policy | String | No | none | The CPU management policy of the nodes in the cluster. The following policies are supported if the Kubernetes version of the cluster is 1.12.6 or later.
Default value: |
deletion_protection | Boolean | No | true | Specifies whether to enable deletion protection for the cluster. After deletion protection is enabled, the cluster cannot be deleted in the Container Service for Kubernetes (ACK) console or by calling API operations. Valid values:
Default value: |
disable_rollback | Boolean | No | true | Specifies whether to perform a rollback when the cluster fails to be created. Valid values:
Default value: |
endpoint_public_access | Boolean | No | true | Specifies whether to enable Internet access for the API server. Valid values:
Default value: |
is_enterprise_security_group | Boolean | No | true | Specifies whether to create an advanced security group. This parameter takes effect only if
Default value: |
key_pair | String | Yes | security-key | The name of the key pair. You must set this parameter or the |
kubernetes_version | String | No | 1.16.9-aliyun.1 | The Kubernetes version of the cluster. The Kubernetes versions supported by Container Service are the same as the Kubernetes versions supported by open source Kubernetes. We recommend that you specify the latest Kubernetes version. If you do not set this parameter, the latest Kubernetes version is queried. You can create clusters of the latest two Kubernetes versions in the ACK console. You can create clusters of earlier Kubernetes versions by calling API operations. For more information about the Kubernetes versions supported by ACK, see Overview of Kubernetes versions supported by ACK. |
login_password | String | Yes | Hello@1234 | The password for SSH logon. You must set this parameter or the |
master_auto_renew | Boolean | No | true | Specifies whether to enable auto-renewal for master nodes. This parameter takes effect only if
Default value: |
master_auto_renew_period | Long | No | 1 | The cycle of auto-renewal. This parameter takes effect and is required only if the subscription billing method is selected for master nodes. Valid values: 1, 2, 3, 6, and 12. Default value: 1. |
master_count | Long | No | 3 | The number of master nodes that you want to create. Valid values: 3 and 5. Default value: 3. |
master_instance_charge_type | String | No | PrePaid | The billing method of master nodes. Valid values:
The default value is |
master_instance_types | Array of String | No | ["ecs.n4.xlarge"] | The instance types of master nodes. The number of instance types specified for master nodes must be the same as that specified in |
master_period | Long | No | 1 | The subscription duration of master nodes. This parameter takes effect and is required only if Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60. Default value: 1. |
master_period_unit | String | No | Month | The billing cycle of master nodes. This parameter is required if master_instance_charge_type is set to Set the value to |
master_system_disk_category | String | No | cloud_ssd | The type of system disk that you want to use for the master nodes. Valid values:
Default value: |
master_system_disk_size | Long | No | 120 | The size of the system disk that is specified for master nodes. Valid values: 40 to 500. Unit: GiB. Default value: 120. |
master_system_disk_performance_level | String | No | PL1 | The performance level (PL) of the system disk that you want to use for master nodes. This parameter takes effect only for Enterprise SSDs (ESSDs). You can specify a higher PL if you increase the size of the system disk. For more information, see ESSDs. |
master_vswitch_ids | Array of String | No | ["vsw-2ze3ds0mdip0hdz8i****"] | The IDs of the vSwitches that are specified for master nodes. |
name | String | Yes | cluster-demo | The name of the cluster. The name must be 1 to 63 characters in length, and can contain digits, letters, and hyphens (-). The name cannot start with a hyphen (-). |
node_cidr_mask | String | No | 25 | The maximum number of IP addresses that can be assigned to each node. This number is determined by the specified pod CIDR block. This parameter takes effect only if the cluster uses the Flannel plug-in. Default value: 25 |
node_port_range | String | No | 30000~32767 | The port range of a node. Valid values: 30000 to 65535. |
num_of_nodes | Long | Yes | 3 | The number of worker nodes. Valid values: 0 to 100. |
pod_vswitch_ids | Array of String | No | ["vsw-2ze97jwri7cei0mpw****"] | The list of pod vSwitches. Note The For each vSwitch that is allocated to nodes, you must specify at least one pod vSwitch in the same zone. The pod vSwitches cannot be the same as the node |
proxy_mode | String | No | ipvs | The kube-proxy mode. Valid values: Default value: |
region_id | String | Yes | cn-beijing | The ID of the region in which you want to deploy the cluster. |
runtime | Yes | {"name": "Sandboxed-Container.runv", "version": "2.2.0"} | The container runtime. Valid values:
You must specify the name and version of the container runtime:
Important Set the value to The version of the container runtime. By default, the latest version is used. For more information about the release notes for Sandboxed-Container, see Release notes for Sandboxed-Container. | |
security_group_id | String | No | sg-bp1bdue0qc1g7k**** | The ID of the existing security group that is specified for the cluster. Nodes in the cluster are automatically added to the specified security group. You must set this parameter or the |
service_cidr | String | Yes | 172.21.0.0/20 | The CIDR block of Services. This CIDR block cannot overlap with the CIDR block of pods or the CIDR block of the VPC in which the cluster is deployed. If the VPC is automatically created by the system, the default CIDR block of Services is 172.19.0.0/20. |
snat_entry | Boolean | No | true | Specifies whether to configure SNAT rules for the VPC in which your cluster is deployed.
If your applications deployed in the cluster need to access the Internet, we recommend that you set the value to Default value: |
ssh_flags | Boolean | No | true | Specifies whether to enable SSH logon over the Internet. Valid values:
Default value: |
tags | Array | No | The labels of the cluster. | |
Key | String | No | env | The key of the label. |
value | String | No | prod | The value of the label. |
tains | Array | No | The taints that you want to add to nodes. Taints are added to nodes to prevent pods from being scheduled to inappropriate nodes. However, tolerations allow pods to be scheduled to nodes with matching taints. For more information, see Taints and Tolerations. | |
effect | String | No | NoSchedule | The scheduling policy. Valid values:
|
Key | String | No | disk_type | The key of the taint. |
value | String | No | sshd | The value of the taint. |
timeout_mins | Long | No | 60 | The timeout period of cluster creation. Unit: minutes. Default value: 60 |
user_data | String | No | IyEvdXNyL2Jpbi9iYXNoCmVjaG8gIkhlbGxvIEFD**** | The user-defined data on the node. For more information, see Instance user data. |
vpcid | String | Yes | vpc-2zeik9h3ahvv2zz95**** | The ID of the VPC in which you want to deploy the cluster. |
vswitch_ids | Array of String | Yes | ["vsw-2ze48rkq464rsdts1****"] | The IDs of vSwitches. |
worker_auto_renew | Boolean | No | true | Specifies whether to enable auto-renewal for worker nodes. This parameter takes effect only if
Default value: |
worker_auto_renew_period | Long | No | 1 | The cycle of auto-renewal. This parameter takes effect and is required only if the subscription billing method is selected for worker nodes. Valid values: 1, 2, 3, 6, and 12. |
worker_data_disks | Array | Yes | The configuration of the data disk that is mounted to worker nodes. The configuration includes the disk type and disk size. | |
auto_snapshot_policy_id | String | No | sp-bp14j6w7ss6ozz**** | The ID of the automatic snapshot policy. |
category | String | No | cloud_ssd | The type of data disk that is mounted to worker nodes. Valid values:
Default value: |
encrypted | String | No | false | Specifies whether to encrypt the data disk. Valid values:
Default value: |
size | String | Yes | 200 | The size of the data disk. Unit: GiB. Valid values:
Note You must mount at least one data disk to nodes that run sandboxed containers. The data disk must be at least 200 GiB in size. |
worker_instance_charge_type | String | Yes | PrePaid | The billing method of worker nodes. Valid values:
Default value: PostPaid. |
worker_instance_types | Array of String | Yes | ["ecs.ebmg5s.24xlarge"] | The instance types of worker nodes. Important To create a cluster that supports sandboxed containers, you must select ECS Bare Metal instances. |
worker_period | Long | No | 1 | The subscription duration of worker nodes. This parameter takes effect and is required only if Default value: 1. |
worker_period_unit | String | No | Month | The billing cycle of worker nodes. This parameter is required if worker_instance_charge_type is set to |
worker_system_disk_category | String | No | cloud_efficiency | The type of system disk that is specified for worker nodes. Valid values:
Default value: |
worker_system_disk_size | Long | No | 200 | The size of the system disk that you want to use for worker nodes. Unit: GiB. Valid values: 40 to 500 The value of this parameter must be at least 40 and no less than the image size. Default value: |
worker_vswitch_ids | Array of String | No | ["vsw-2ze3ds0mdip0hdz8i****"] | The list of vSwitches that are specified for nodes. Each node is allocated a vSwitch. |
zone_id | String | No | cn-beijing-b | The ID of the zone in which the cluster is deployed. |
resource_group_id | String | No | rg-acfm3mkrure**** | The ID of the resource group to which the cluster belongs. You can use this parameter to isolate different clusters. |
Response syntax
HTTP/1.1 200
Content-Type:application/json
{
"cluster_id" : "String",
"request_id" : "String",
"task_id" : "String"
}
Response parameters
Table 2. Response body parameters
Parameter | Type | Example | Description |
cluster_id | String | cb95aa626a47740afbf6aa099b650**** | The ID of the cluster. |
request_id | String | 687C5BAA-D103-4993-884B-C35E4314A1E1 | The request ID. |
task_id | String | T-5a54309c80282e39ea00002f | The ID of the job. |
Example 1: Create an ACK dedicated cluster that supports sandboxed containers and uses the Flannel plug-in
Sample requests
POST /clusters
Common request headers
{
"cluster_type": "Kubernetes",
"name": "webService",
"region_id": "cn-hangzhou",
"disable_rollback": true,
"timeout_mins": 60,
"kubernetes_version": "1.18.8-aliyun.1",
"snat_entry": true,
"endpoint_public_access": false,
"cloud_monitor_flags": true,
"deletion_protection": false,
"node_cidr_mask": "26",
"proxy_mode": "ipvs",
"timezone": "Asia/Shanghai",
"tags": [],
"addons": [{
"name": "flannel"
}, {
"name": "arms-prometheus"
}, {
"name": "csi-plugin"
}, {
"name": "csi-provisioner"
}, {
"name": "logtail-ds",
"config": "{\"IngressDashboardEnabled\":\"true\"}"
}, {
"name": "ack-node-problem-detector",
"config": "{\"sls_project_name\":\"\"}"
}, {
"name": "nginx-ingress-controller",
"config": "{\"IngressSlbNetworkType\":\"internet\"}"
}],
"node_port_range": "30000-32767",
"login_password": "Hello1234!",
"cpu_policy": "none",
"master_count": 3,
"master_vswitch_ids": ["vsw-bp1hl2o4i9z7sbmy*****", "vsw-bp1hl2o4i9z7sbmy*****", "vsw-bp1hl2o4i9z7sbmy*****"],
"master_instance_types": ["ecs.c6e.large", "ecs.c6e.large", "ecs.c6e.large"],
"master_system_disk_category": "cloud_essd",
"master_system_disk_size": 120,
"runtime": {
"name": "Sandboxed-Container.runv",
"version": "2.1.0"
},
"worker_instance_types": ["ecs.ebmc5s.24xlarge"],
"num_of_nodes": 1,
"worker_system_disk_category": "cloud_essd",
"worker_system_disk_size": 120,
"worker_data_disks": [{
"category": "cloud_efficiency",
"size": "200",
"encrypted": "false",
"auto_snapshot_policy_id": ""
}],
"vpcid": "vpc-bp1gxh70jnkl12vq*****",
"worker_vswitch_ids": ["vsw-bp1hl2o4i9z7sbmy*****"],
"is_enterprise_security_group": true,
"container_cidr": "172.23.0.0/16",
"service_cidr": "172.21.0.0/20"
}
Sample success responses
XML
format
<cluster_id>cb95aa626a47740afbf6aa099b650****</cluster_id>
<task_id>T-5a54309c80282e39ea00002f</task_id>
<request_id>687C5BAA-D103-4993-884B-C35E4314A1E1</request_id>
JSON
format
{
"cluster_id": "cb95aa626a47740afbf6aa099b650****",
"task_id": "T-5a54309c80282e39ea00002f",
"request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1"
}
Example 2: Create an ACK dedicated cluster that supports sandboxed containers and uses the Terway plug-in
pod_vswitch_ids
is required if you create a cluster that uses the Terway plug-in.
Sample requests
POST /clusters HTTP/1.1
Common request headers
{
"cluster_type":"Kubernetes",
"name":"webService-terway",
"region_id":"cn-beijing",
"disable_rollback":true,
"timeout_mins":60,
"kubernetes_version":"1.14.8-aliyun.1",
"snat_entry":true,
"endpoint_public_access":true,
"ssh_flags":true,"cloud_monitor_flags":true,
"deletion_protection":false,
"proxy_mode":"ipvs",
"tags":[],
"addons":[{"name":"terway-eni"},{"name":"flexvolume"},{"name":"alicloud-disk-controller"},{"name":"logtail-ds","config":"{\"IngressDashboardEnabled\":\"false\"}"},{"name":"ack-node-problem-detector","config":"{\"sls_project_name\":\"\"}"},{"name":"nginx-ingress-controller","config":"{\"IngressSlbNetworkType\":\"internet\"}"}],
"os_type":"Linux",
"platform":"CentOS",
"node_port_range":"30000-32767",
"pod_vswitch_ids":["vsw-2zete8s4qocqg0mf6****"],
"key_pair":"sian-sshkey",
"cpu_policy":"none",
"master_count":3,
"master_vswitch_ids":["vsw-2zed90q9inwtuyfzd****","vsw-2zed90q9inwtuyfzd****","vsw-2zed90q9inwtuyfzd****"],
"master_instance_types":["ecs.i1.4xlarge","ecs.i1.4xlarge","ecs.i1.4xlarge"],
"master_system_disk_category":"cloud_ssd",
"master_system_disk_size":120,
"runtime":{"name":"docker","version":"18.09.2"},
"worker_instance_types":["ecs.i1.4xlarge"],
"num_of_nodes":1,
"worker_system_disk_category":"cloud_efficiency",
"worker_system_disk_size":120,
"vpcid":"vpc-2zecuu62b9zw7a7qnn2tv",
"worker_vswitch_ids":["vsw-2zed90q9inwtuyfzd****"],
"is_enterprise_security_group":true,
"service_cidr":"172.21.0.0/20"
}
Sample success responses
XML
format
<cluster_id>cb95aa626a47740afbf6aa099b650****</cluster_id>
<task_id>T-5a54309c80282e39ea00002f</task_id>
<request_id>687C5BAA-D103-4993-884B-C35E4314A1E1</request_id>
JSON
format
{
"cluster_id": "cb95aa626a47740afbf6aa099b650****",
"task_id": "T-5a54309c80282e39ea00002f",
"request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1"
}
Error codes
For a list of error codes, see Service error codes.