All Products
Search
Document Center

Elastic Container Instance:CreateContainerGroup

Last Updated:Nov 14, 2024

Creates an elastic container instance.

Operation description

When you call the CreateContainerGroup operation to create an elastic container instance, the system automatically creates a service-linked role named AliyunServiceRoleForECI. You can assume the service-linked role to access relevant cloud services such as Elastic Compute Service (ECS) and Virtual Private Cloud (VPC). For more information, see Elastic Container Instance service-linked role.

When you create an elastic container instance, you can configure features that are related to instances, images, and storage based on your business requirements. For information about parameters configured for the features and the description of the parameters, see the following documents:

Instances

You can use one of the following methods to create an elastic container instance:

Both the preceding creation methods support the following features:

Images

Networking

Storage

Container configuration

Logging and O&M

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
eci:CreateContainerGroupcreate
*ContainerGroup
acs:eci:{#regionId}:{#accountId}:containergroup/*
  • eci:tag
none

Request parameters

ParameterTypeRequiredDescriptionExample
RegionIdstringYes

The region ID of the instance.

cn-hangzhou
ZoneIdstringNo

The zone ID of the instance. If you do not specify this parameter, the system selects a zone.

This parameter is empty by default.

cn-hangzhou-b
SecurityGroupIdstringNo

The ID of the security group to which the instance belongs. Instances in the same security group can access each other.

If you do not specify a security group, the system automatically uses the default security group in the region that you selected. Make sure that the inbound rules of the security group contain the container protocols and port numbers that you want to expose. If you do not have a default security group in the region, the system creates a default security group, and then adds the container protocols and port numbers that you specified to the inbound rules of the security group.

sg-uf66jeqopgqa9hdn****
VSwitchIdstringNo

The IDs of the vSwitches that connect to the instance. You can specify up to 10 vSwitch IDs at a time. Separate multiple vSwitch IDs with commas (,). Example: vsw-***,vsw-***.

If you do not specify a vSwitch, the system automatically uses the default vSwitch in the default VPC in the region that you selected. If you do not have a default VPC or a default vSwitch in the region, the system automatically creates a default VPC and a default vSwitch.

Note The number of IP addresses in the vSwitch CIDR block determines the maximum number of elastic container instances that you can create for the vSwitch. Before you create elastic container instances, you must plan the CIDR block of the vSwitch.
vsw-bp1xpiowfm5vo8o3c****,vsw-bp1rkyjgr1xwoho6k****
ContainerGroupNamestringYes

The name of the elastic container instance (container group). The name must meet the following requirements:

  • The name must be 2 to 128 characters in length.
  • The name can contain lowercase letters, digits, and hyphens (-). It cannot start or end with a hyphen (-).
nginx-test
RestartPolicystringNo

The restart policy of the instance. Valid values:

  • Always: Always restarts the instance if a container in the instance exits upon termination.
  • Never: Never restarts the instance if a container in the instance exits upon termination.
  • OnFailure: Restarts the instance only if a container in the instance exists upon failure with a status code of non-zero.

Default value: Always.

Always
EipInstanceIdstringNo

The ID of the elastic IP address (EIP).

eip-uf66jeqopgqa9hdn****
CpufloatNo

The number of vCPUs that you want to allocate to the instance.

1.0
MemoryfloatNo

The memory size that you want to allocate to the instance. Unit: GiB.

2.0
ResourceGroupIdstringNo

The ID of the resource group.

rg-uf66jeqopgqa9hdn****
DnsPolicystringNo

The Domain Name System (DNS) policy. Valid values:

  • None: uses the DNS that is specified by DnsConfig.
  • Default: uses the DNS that is specified for the runtime environment.
Default
ClientTokenstringNo

The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters and cannot exceed 64 characters in length. For more information, see How to ensure idempotency.

123e4567-xxxx-12d3-xxxx-426655440000
InstanceTypestringNo

The ECS instance types that you specify to create the elastic container instance. Multiple instance types are supported. For more information, see Specify ECS instance types to create an elastic container instance.

ecs.c5.xlarge
ImageSnapshotIdstringNo

The ID of the image cache. For more information, see Use image caches to accelerate the creation of instances.

imc-2zebxkiifuyzzlhl****
RamRoleNamestringNo

The name of the instance Resource Access Management (RAM) role. You can use the same RAM role to access elastic container instances and ECS instances. For more information, see Use an instance RAM role by calling API operations.

RamTestRole
TerminationGracePeriodSecondslongNo

The buffer period of time during which the program handles operations before the program is stopped. Unit: seconds.

60
AutoMatchImageCachebooleanNo

Specifies whether to automatically match image caches. Default value: false.

false
Ipv6AddressCountintegerNo

The number of IPv6 addresses that are assigned to the instance. Set the value to 1. You can assign only one IPv6 address to an elastic container instance.

1
ActiveDeadlineSecondslongNo

The active period of the elastic container instance. After this period expires, the instance is forced to exit. Unit: seconds.

1000
SpotStrategystringNo

The bid policy for the instance. Valid values:

  • NoSpot: The instance is created as a pay-as-you-go instance.
  • SpotWithPriceLimit: The instance is created as a preemptible instance for which you specify the maximum hourly price.
  • SpotAsPriceGo: The instance is created as a preemptible instance for which the market price at the time of purchase is automatically used as the bid price.

Default value: NoSpot.

SpotWithPriceLimit
SpotPriceLimitfloatNo

The maximum hourly price of the preemptible elastic container instance. The value can be accurate to three decimal places.

If you set SpotStrategy to SpotWithPriceLimit, you must specify the SpotPriceLimit parameter.

0.025
ScheduleStrategystringNo

The resource scheduling policy when you specify multiple zones to create an elastic container instance. To specify multiple zones, you can use the VSwitchId to specify multiple vSwitches. Valid values:

  • VSwitchOrdered: The system schedules resources in the sequence of the vSwitches.
  • VSwitchRandom: The system schedules resources at random.

For more information, see Specify multiple zones to create an elastic container instance.

VSwitchOrdered
CorePatternstringNo

The path to core dump files. For more information, see Save core files to volumes.

Note The path cannot start with |. You cannot use core dump files to configure executable programs.``
/xx/xx/core
ShareProcessNamespacebooleanNo

Specifies whether to use a shared namespace. Default value: false.

false
AutoCreateEipbooleanNo

Specifies whether to automatically create an EIP and associate it with the elastic container instance.

true
EipBandwidthintegerNo

The maximum bandwidth value for the EIP. Unit: Mbit/s. Default value: 5.
This parameter is valid only when AutoCreateEip is set to true.

5
EipISPstringNo

The line type of the EIP. Default value: BGP. Valid values:

  • BGP: BGP (Multi-ISP) line
  • BGP_PRO: BGP (Multi-ISP) Pro line
BPG
EipCommonBandwidthPackagestringNo

The EIP bandwidth plan that you want to associate with the instance.

cbwp-2zeukbj916scmj51m****
HostNamestringNo

The hostname.

test
IngressBandwidthlongNo

The maximum inbound bandwidth. Unit: bit/s.

1024000
EgressBandwidthlongNo

The maximum outbound bandwidth. Unit: bit/s.

1024000
CpuOptionsCoreintegerNo

The number of physical CPU cores. You can specify this parameter for only specific ECS instance types.

2
CpuOptionsThreadsPerCoreintegerNo

The number of threads per core. You can specify this parameter for only specific ECS instance types. A value of 1 specifies that Hyper-Threading is disabled.

2
CpuOptionsNumastringNo

This parameter is not available.

1
EphemeralStorageintegerNo

The increased capacity of the temporary storage space. Unit: GiB.
For more information, see Increase the size of the temporary storage space.

20
Tagarray<object>No

The tags that you want to add to the instance. You can bind a maximum of 20 tags. For more information, see Use tags to manage elastic container instances.

objectNo

The tags that you want to bind with the instance. You can bind a maximum of 20 tags. For more information, see Use tags to manage elastic container instances.

KeystringNo

The tag key. The tag key cannot be an empty string and must be unique. The tag key can be up to 64 characters in length and cannot contain http:// or https://. The tag key cannot start with acs: or aliyun.

version
ValuestringNo

The tag value. The tag value can be an empty string. The tag value can be up to 128 characters in length. It cannot start with acs: and cannot contain http:// or https://.

3
ImageRegistryCredentialarray<object>No

The information about the logon credentials.

objectNo

The information about the image repository.

PasswordstringNo

The password that you use to access the image repository.

yourpassword
ServerstringNo

The address of the image repository.

registry-vpc.cn-shanghai.aliyuncs.com
UserNamestringNo

The username that you use to access the image repository.

yourusername
Containerarray<object>Yes

The information about the container.

objectYes

The information about containers.

ReadinessProbe.TimeoutSecondsintegerNo

The timeout period of the check. Default value: 1. Minimum value: 1. Unit: seconds.

1
ReadinessProbe.SuccessThresholdintegerNo

The minimum number of consecutive successes that must occur for the check to be considered successful. Default value: 1. Set the value to 1.

1
SecurityContext.Capability.AddarrayNo

The permissions that you want to grant to the processes in the container. Valid values: NET_ADMIN and NET_RAW.

Note To use the NET_RAW value, you must submit a ticket.
stringNo

The permission that you want to grant to the processes in the container. Valid values: NET_ADMIN and NET_RAW.

Note To use the NET_RAW value, you must submit a ticket.
NET_ADMIN
ReadinessProbe.TcpSocket.PortintegerNo

The port detected by Transmission Control Protocol (TCP) sockets when you use TCP sockets to perform health checks.

8000
ReadinessProbe.HttpGet.SchemestringNo

The protocol type of HTTP GET requests when you use HTTP requests to perform health checks. Valid values:

  • HTTP
  • HTTPS
Note When you configure ReadinessProbe-related parameters, you can select only one of the HttpGet, Exec, and TcpSocket check methods.
HTTP
LivenessProbe.PeriodSecondsintegerNo

The interval at which the health check is performed. Default value: 10. Minimum value: 1. Unit: seconds.

5
SecurityContext.ReadOnlyRootFilesystembooleanNo

Specifies whether the root file system on which the container runs is read-only. Set the value to true.

true
EnvironmentVararray<object>No

The environment variables of the container.

objectNo

The value of the environment variable for the container.

KeystringNo

The name of the environment variable. The name must be 1 to 128 characters in length and can contain letters, digits, and underscores (_). It cannot start with a digit.``

PATH
ValuestringNo

The value of the environment variable. The value can be up to 256 characters in length.

/usr/local/bin
FieldRef.FieldPathstringNo

The reference of the environment variable. Set the value to status.podIP.

status.podIP
LivenessProbe.TcpSocket.PortintegerNo

The port detected by Transmission Control Protocol (TCP) sockets when you use TCP sockets to perform health checks.

8080
TtybooleanNo

Specifies whether to enable interaction. Default value: false.

If the command is a /bin/bash command, set the value to true.

false
WorkingDirstringNo

The working directory of the container.

/usr/local/
ArgarrayNo

The arguments that are passed to the startup command of the container. You can specify up to 10 arguments.

stringNo

The argument that is passed to the startup command of the container. You can specify up to 10 arguments.

100
StdinbooleanNo

Specifies whether the container allocates buffer resources to standard input streams when the container is running. If you do not specify this parameter, an end-of-file (EOF) error may occur when standard input streams in the container are read. Default value: false.

false
LivenessProbe.InitialDelaySecondsintegerNo

The number of seconds between the time when the startup of the container ends and the time when the check starts.

5
VolumeMountarray<object>No

The information about the volume that you want to mount on the container.

objectNo

Details about the volumes.

MountPropagationstringNo

The mount propagation settings of the volume. Mount propagation allows volumes that are mounted on one container to be shared with other containers in the same pod, or even with other pods on the same node. Valid values:

  • None: The volume mount does not receive subsequent mounts that are performed on this volume or subdirectories of this volume.
  • HostToCotainer: The volume mount receives subsequent mounts that are performed on this volume or the subdirectories of this volume.
  • Bidirectional: This value is similar to HostToContainer. The volume mount receives subsequent mounts that are performed on this volume or the subdirectories of this volume. In addition, all volume mounts that are mounted on the container are propagated back to the host and all containers of all pods that use the same volume.

Default value: None.

None
MountPathstringNo

The directory to which the volume is mounted.

Note The data stored in this directory is overwritten by the data on the volume. Specify this parameter with caution.
/pod/data
ReadOnlybooleanNo

Specifies whether the volume is read-only. Default value: false.

false
SubPathstringNo

The subdirectory of the volume.

data2/
NamestringNo

The name of the volume. The value of this parameter is the same as the name of the volume that is mounted to containers.

default-volume1
ImagePullPolicystringNo

The policy that you want to use to pull images. Valid values:

  • Always: Each time instances are created, image pulling is performed.
  • IfNotPresent: On-premises images are preferentially used. If no on-premises images are available, image pulling is performed.
  • Never: On-premises images are always used. Image pulling is not performed.
Always
StdinOncebooleanNo

Specifies whether standard input streams are disconnected from multiple sessions after a client is disconnected.
If StdinOnce is set to true, standard input streams are connected after the container is started, and remain idle until a client is connected to receive data. After the client is disconnected, standard input streams are also disconnected, and remain disconnected until the container restarts.

false
LifecyclePreStopHandlerTcpSocketPortintegerNo

The port to which the system sends a TCP socket request for a health check when you use TCP sockets to specify a preStop hook.

90
LifecyclePostStartHandlerHttpGetSchemestringNo

The protocol type of HTTP GET requests when you use HTTP requests to specify a postStart hook. Valid values:

  • HTTP
  • HTTPS
HTTPS
ReadinessProbe.PeriodSecondsintegerNo

The interval at which the health check is performed. Default value: 10. Minimum value: 1. Unit: seconds.

3
LivenessProbe.SuccessThresholdintegerNo

The minimum number of consecutive successes that must occur for the check to be considered successful. Default value: 1. Set the value to 1.

1
CommandarrayNo

The commands to be executed in the container when you use a CLI to perform health checks.

Note When you configure ReadinessProbe-related parameters, you can select only one of the HttpGet, Exec, and TcpSocket check methods.
stringNo

The command to be executed in the container when you use a CLI to perform health checks.

sleep
LifecyclePostStartHandlerHttpGetHoststringNo

The IP address of the host that receives the HTTP GET request when you use an HTTP request to specify a postStart hook.

10.0.XX.XX
TerminationMessagePolicystringNo

The message notification policy. This parameter is empty by default. Only Message Service (MNS) queue message notifications can be sent.

FallbackToLogsOnError
ReadinessProbe.HttpGet.PathstringNo

The path to which the system sends an HTTP GET request when you use HTTP requests to perform health checks.

Note When you configure ReadinessProbe-related parameters, you can select only one of the HttpGet, Exec, and TcpSocket check methods.
/healthz
LivenessProbe.Exec.CommandarrayNo

Command N to be executed in the container when the health check is performed by using the command line.

stringNo

Command N to be executed in the container when the health check is performed by using the command line.

cat /tmp/healthy
LifecyclePostStartHandlerTcpSocketPortintegerNo

The port to which the system sends a TCP socket request for a health check when you use TCP sockets to specify a postStart hook.

80
LifecyclePostStartHandlerHttpGetPathstringNo

The path to which the system sends an HTTP GET request for a health check when you use an HTTP request to specify a postStart hook.

/healthyz
LifecyclePostStartHandlerExecarrayNo

The commands to be executed in containers when you use a CLI to specify a postStart hook.

stringNo

The command to be executed in the container when you use a CLI to specify a postStart hook.

["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
LifecyclePreStopHandlerHttpGetPathstringNo

The path to which the system sends an HTTP GET request for a health check when you use an HTTP request to specify a preSop hook.

/healthyz
Portarray<object>No

The port to which the system sends an HTTP GET request for a health check when you use HTTP requests to perform health checks.

Note When you configure LivenessProbe-related parameters, you can select only one of the HttpGet, Exec, and TcpSocket check methods.
objectNo

The port number.

ProtocolstringNo

The type of the protocol. Valid values:

  • TCP
  • UDP
TCP
PortintegerNo

The port number. Valid values: 1 to 65535.

80
TerminationMessagePathstringNo

The path of the file from which the system retrieves termination messages of the container when the container exits.

/tmp/termination-log
LifecyclePreStopHandlerHttpGetSchemestringNo

The protocol type of the HTTP GET request when you use an HTTP request to specify a preStop hook. Valid values:

  • HTTP
  • HTTPS
HTTP
LivenessProbe.HttpGet.SchemestringNo

The protocol type of HTTP GET requests when you use HTTP requests to perform health checks. Valid values:

  • HTTP
  • HTTPS
Note When you configure LivenessProbe-related parameters, you can select only one of the HttpGet, Exec, and TcpSocket check methods.
HTTP
ReadinessProbe.HttpGet.PortintegerNo

The port to which HTTP GET requests are sent when you use HTTP requests to perform health checks.

8080
LifecyclePostStartHandlerTcpSocketHoststringNo

The IP address of the host that receives the TCP socket request when you use a TCP socket request to specify a postStart hook.

10.0.XX.XX
GpuintegerNo

The number of GPUs that you want to allocate to the container.

1
ReadinessProbe.InitialDelaySecondsintegerNo

The number of seconds between the time when the startup of the container ends and the time when the check starts.

3
LifecyclePreStopHandlerExecarrayNo

The commands to be executed in containers when you use a CLI to specify a preStop hook.

stringNo

The command to be executed in the container when you use a CLI to specify a preStop hook.

["/bin/sh", "-c","echo Hello from the preStop handler > /usr/share/message"]
MemoryfloatNo

The memory size of the container. Unit: GiB

0.5
NamestringYes

The name of the container.

nginx
LifecyclePreStopHandlerHttpGetHoststringNo

The IP address of the host that receives the HTTP GET request when you use an HTTP request to specify a preStop hook.

10.0.XX.XX
LifecyclePreStopHandlerTcpSocketHoststringNo

The IP address of the host that receives the TCP socket request when you use a TCP socket request to specify a preStop hook.

10.0.XX.XX
ImagestringYes

The image of the container.

registry-vpc.cn-hangzhou.aliyuncs.com/eci_open/nginx:latest
LifecyclePreStopHandlerHttpGetPortintegerNo

The port to which the system sends an HTTP GET request for a health check when you use HTTP requests to specify a preStop hook.

88
LivenessProbe.FailureThresholdintegerNo

The minimum number of consecutive failures that must occur for the check to be considered failed. Default value: 3.

3
ReadinessProbe.Exec.CommandarrayNo

Command N to be executed in the container when the health check is performed by using the command line.

stringNo

Command N to be executed in the container when the health check is performed by using the command line.

cat /tmp/healthy
LifecyclePreStopHandlerHttpGetHttpHeaderarray<object>No

The HTTP GET request header.

objectNo

The HTTP GET request header.

ValuestringNo

The value of the custom field in the HTTP GET request header when you use HTTP requests to specify a preStop hook.

test-preStop
NamestringNo

The name of the custom field in the HTTP GET request header when you use HTTP requests to specify a presto hook.

Xiao-Custom-Header
ReadinessProbe.FailureThresholdintegerNo

The minimum number of consecutive failures that must occur for the check to be considered failed. Default value: 3.

3
CpufloatNo

The number of vCPUs that you want to allocate to the container.

0.25
LivenessProbe.HttpGet.PortintegerNo

The port to which HTTP GET requests are sent when you use HTTP requests to perform health checks.

8888
LivenessProbe.HttpGet.PathstringNo

The path to which the system sends an HTTP GET request when you use HTTP requests to perform health checks.

Note When you configure LivenessProbe-related parameters, you can select only one of the HttpGet, Exec, and TcpSocket check methods.
/healthz
LivenessProbe.TimeoutSecondsintegerNo

The timeout period of the check. Default value: 1. Minimum value: 1. Unit: seconds.

1
SecurityContext.RunAsUserlongNo

The ID of the user who runs the container.

1000
LifecyclePostStartHandlerHttpGetPortintegerNo

The port to which the system sends an HTTP GET request when you use an HTTP request to specify a postStart hook.

5050
LifecyclePostStartHandlerHttpGetHttpHeaderarray<object>No

The HTTP GET request header.

objectNo

The HTTP GET request header.

ValuestringNo

The value of the custom field in the HTTP GET request header when you use HTTP requests to specify a postStart hook.

test-postStart
NamestringNo

The name of the custom field in the HTTP GET request header when you use HTTP requests to specify a postStart hook.

Xiao-Custom-Header
EnvironmentVarHidebooleanNo

Specifies whether to hide the information about environment variables when you query the details of an elastic container instance. Default value: false. Valid values:

  • false
  • true If environment variables contain sensitive information, you can set this parameter to true to improve security of the information.
false
SecurityContextRunAsGrouplongNo

The user group that runs the container.

3000
SecurityContextRunAsNonRootbooleanNo

Specifies whether to run the container as a non-root user. Valid values:

  • true
  • false
true
SecurityContextPrivilegedbooleanNo

Specifies whether to enable privileged mode for the container. That is, whether to run the container in privileged mode. Default value: false. Valid values:

  • true
  • false
true
Volumearray<object>No

The information about the volume that you want to mount to the container.

objectNo

Details about the volumes.

TypestringNo

The type of the HostPath volume. Valid values:

  • Directory
  • File
Note Only users in the whitelist can mount HostPath volumes.
ConfigFileVolume
DiskVolume.DiskSizeintegerNo

The size of the volume when you set Type to DiskVolume. Unit: GiB.

15
NFSVolume.PathstringNo

The path of the NFS volume.

/share
DiskVolume.FsTypestringNo

The type of the file system when you set Type to DiskVolume.

xfs
FlexVolume.FsTypestringNo

The file system type when you set Type to FlexVolume. The default value varies based on the script of the FlexVolume plug-in.

ext4
HostPathVolume.TypestringNo

The type of the HostPath volume. Valid values:

  • Directory
  • File
Note This parameter is not publicly available.
Socket
ConfigFileVolume.DefaultModeintegerNo

The default permissions on the ConfigFile volume.

0644
NFSVolume.ReadOnlybooleanNo

Specify whether the permissions on the NFS volume are read-only. Default value: false.

false
ConfigFileVolume.ConfigFileToPatharray<object>No

The information about ConfigFile volumes.

objectNo

Details about ConfigFile volumes.

PathstringNo

The path of the ConfigFile volume relative to the mount directory.

liu/name
ModeintegerNo

The permissions on the ConfigFile volume. If you do not specify this parameter, the value of ConfigFileVolume.DefaultMode is used. The permissions are expressed by using four-digit octal numbers. For example, 0644 represents the permissions rw-r–r--, which indicates that the owner of the file has read and write permissions on the file and other users in the same user group as the file owner and public users have read permissions on the file.

Permission description:

  • ---: no permissions. The octal value is 0.
  • --x: only the execute permission. The octal value is 1.
  • -w-: only the write permission. The octal value is 2.
  • -wx: the write and execute permissions. The octal value is 3.
  • r--: only the read permission. The octal value is 4.
  • r-x: the read and execute permissions. The octal value is 5.
  • rw-: the read and write permissions. The octal value is 6.
  • rwx: the read, write, and execute permissions. The octal value is 7.
0644
ContentstringNo

The Base64-encoded content of the ConfigFile volume.
Maximum size: 32 KB.

bGl1bWk=
HostPathVolume.PathstringNo

The path to the HostPath volume on the host.

/pod/data
FlexVolume.OptionsstringNo

The options when you set the Type parameter to FlexVolume. Each option is a key-value pair in a JSON string.

For example, if you mount a disk by setting Type to FlexVolume, Options indicates the parameters of the disk. In this case, the options include:

  • volumeId: the ID of the existing disk.
  • volumeSize: the size of the disk. Unit: GiB. Valid values: 20 to 32768.
  • performanceLevel: the performance level of the disk. For more information, see Performance levels of disks.
  • deleteWithInstance: specifies whether to release the disk along with the instance. Default value: false.
  • encrypted: specifies whether to encrypt the disk. Default value: false. For more information, see Encryption overview.
  • kmsKeyId: the ID of the Key Management Service (KMS) key that you want to use to encrypt the disk.
{"volumeId":"d-2zehdahrwoa7srg****","performanceLevel": "PL2"}`
FlexVolume.DriverstringNo

The driver type when you use the FlexVolume plug-in to mount a volume. Valid values:

  • alicloud/disk: a disk driver.
  • alicloud/nas: a NAS driver.
  • alicloud/oss: an OSS driver.
alicloud/disk
NFSVolume.ServerstringNo

The endpoint of the server when you set Type to NFSVolume.

3f9cd4a596-naw76.cn-shanghai.nas.aliyuncs.com
DiskVolume.DiskIdstringNo

The ID of the disk when you set Type to DiskVolume.

d-xx
NamestringNo

The name of the volume.

default-volume1
EmptyDirVolume.MediumstringNo

The storage medium of the emptyDir volume. This parameter is left empty by default. In this case, the emptyDir volume uses the file system of the node as the storage medium. A value of memory indicates that the emptyDir volume uses the memory as the storage medium.

memory
EmptyDirVolume.SizeLimitstringNo

The size of the volume when you set Type to EmptyDirVolume. Unit: GiB.

2
InitContainerarray<object>No

The information about the init containers.

objectNo

The init containers.

SecurityContext.Capability.AddarrayNo

The permissions that you want to grant to the processes in the init containers. Valid values: NET_ADMIN and NET_RAW.

Note To use the NET_RAW value, you must submit a ticket.
stringNo

The permissions that you want to grant to the processes in the init container. Valid values: NET_ADMIN and NET_RAW.

Note To use the NET_RAW value, you must submit a ticket.
NET_ADMIN
ImagestringNo

The image of the init container.

nginx
VolumeMountarray<object>No

The information about the volumes that you want to mount to the init containers.

objectNo

The details about the volume mount.

MountPropagationstringNo

The mount propagation settings of the volume. Mount propagation allows volumes that are mounted on one init container to be shared with other init containers in the same pod, or even with other pods on the same node. Valid values:

  • None: The volume mount does not receive subsequent mounts that are performed on this volume or subdirectories of this volume.
  • HostToCotainer: The volume mount receives subsequent mounts that are performed on this volume or the subdirectories of this volume.
  • Bidirectional: This value is similar to HostToContainer. The volume mount receives subsequent mounts that are performed on this volume or the subdirectories of this volume. In addition, all volume mounts that are mounted on the init container are propagated back to the host and all init containers of all pods that use the same volume.

Default value: None.

None
MountPathstringNo

The directory to which the volume is mounted. The data stored in this directory is overwritten by the data on the volume. Specify this parameter with caution.

/usr/share/
ReadOnlybooleanNo

Specifies whether the mount path is read-only. Default value: false.

false
SubPathstringNo

The subdirectory of the volume. The pod can mount different directories of the same volume to different subdirectories of init containers.

/usr/sub/
NamestringNo

The name of the volume.

test-empty
Portarray<object>No

The information about the port.

objectNo

The port number of the init container.

ProtocolstringNo

The protocol type. Valid values:

  • TCP
  • UDP
TCP
PortintegerNo

The port number. Valid values: 1 to 65535.

8888
SecurityContext.ReadOnlyRootFilesystembooleanNo

Specifies whether the root file system on which the init container runs is read-only. Set the value to true.

true
TerminationMessagePathstringNo

The path of the file from which the system retrieves termination messages of the init container when the init container exits.

/tmp/termination-log
EnvironmentVararray<object>No

The environment variable of the init container.

objectNo

The environment variables for the container.

KeystringNo

The name of the environment variable. The name must be 1 to 128 bits in length and can contain letters, digits, and underscores (_). It cannot start with a digit.``

Path
ValuestringNo

The value of the environment variable. The value must be 0 to 256 bits in length.

/usr/bin/
FieldRef.FieldPathstringNo

The reference of the environment variable value. Set the value to status.podIP.

status.podIP
ImagePullPolicystringNo

The policy that you want to use to pull images. Valid values:

  • Always: Each time instances are created, image pulling is performed.
  • IfNotPresent: On-premises images are preferentially used. If no on-premises images are available, image pulling is performed.
  • Never: On-premises images are always used. Image pulling is not performed.
Always
WorkingDirstringNo

The working directory of the init container.

/usr/local
CpufloatNo

The number of vCPUs that you want to allocate to the init container.

0.5
ArgarrayNo

The arguments that are passed to the startup command of the init container.

stringNo

The argument that is passed to the startup command of the init container.

10
CommandarrayNo

The startup commands of the init container.

stringNo

The startup command of the init container.

sleep
GpuintegerNo

The number of GPUs that you want to allocate to the init container.

1
SecurityContext.RunAsUserlongNo

The ID of the user who runs the init container.

587
MemoryfloatNo

The memory size that you want to allocate to the init container. Unit: GiB.

1.0
TerminationMessagePolicystringNo

The message notification policy. This parameter is empty by default.

*****
NamestringNo

The name of the init container.

test-init
DnsConfig.NameServerarrayNo

The IP addresses of DNS servers.

stringNo

The IP address of the DNS server.

172.10.*.**
DnsConfig.SearcharrayNo

The search domains of DNS servers.

stringNo

The search domain of the DNS server.

svc.local.kubernetes
DnsConfig.Optionarray<object>No

Configuration options of the DNS server.

objectNo

Configuration options of the DNS server.

ValuestringNo

The value of the option.

value
NamestringNo

The name of the option.

name
HostAliasearray<object>No

The alias of the elastic container instance.

objectNo

The alias of the elastic container instance.

IpstringNo

The IP address of the elastic container instance.

1.1.1.1
HostnamearrayNo

The hostnames of the elastic container instance.

stringNo

The hostname of the elastic container instance.

hehe.com
SecurityContext.Sysctlarray<object>No

Configure a security context to modify safe sysctls. For more information, see Configure a security context.

objectNo

Configure a security context to modify sysctls. For more information, see Configure a security context

ValuestringNo

The value of the safe sysctl when you modify sysctls by configuring a security context.

65536
NamestringNo

The name of the safe sysctl when you modify sysctls by configuring a security context. Valid values:

  • net.ipv4.ping_group_range
  • net.ipv4.ip_unprivileged_port_start
kernel.msgmax
HostSecurityContext.Sysctlarray<object>No

Configure a security context to modify unsafe sysctls. For more information, see Configure a security context.

objectNo

Configure a security context to modify unsafe sysctls. For more information, see Configure a security context.

ValuestringNo

The value of the unsafe sysctl when you modify sysctls by configuring a security context.

65536
NamestringNo

The name of the unsafe sysctl when you modify sysctls by configuring a security context. Valid values:

  • kernel.shm * (except kernel.shm_rmid_forced)
  • kernel.msg*
  • kernel.sem
  • fs.mqueue.*
  • net.*(except net.ipv4.tcp_syncookies, net.ipv4.ping_group_range, and net.ipv4.ip_unprivileged_port_start)
kernel.msgmax
NtpServerarrayNo

The endpoints of the Network Time Protocol (NTP) servers.

stringNo

The endpoint of the NTP server.

ntp.cloud.aliyuncs.com
AcrRegistryInfoarray<object>No

The information about the Container Registry Enterprise Edition instance that provides the image for the creation of the elastic container instance. For more information, see Pull images from a Container Registry Enterprise Edition instance without using a secret.

objectNo

Details of the Container Registry Enterprise Edition instances.

DomainarrayNo

The domain names of the Container Registry Enterprise Edition instance. By default, all domain names of the instance are displayed. You can specify multiple domain names. Separate multiple domain names with commas (,).

stringNo

The domain name of the Container Registry Enterprise Edition instance. By default, all domain names of the instance are displayed. You can specify multiple domain names. Separate multiple domain names with commas (,).

*****-****-registry.cn-beijing.cr.aliyuncs.com
InstanceNamestringNo

The name of the Container Registry Enterprise Edition instance.

acr-test
InstanceIdstringNo

The ID of the Container Registry Enterprise Edition instance.

cri-nwj395hgf6f3****
RegionIdstringNo

The region ID of the Container Registry Enterprise Edition instance.

cn-beijing
ArnServicestringNo

The Alibaba Cloud Resource Name (ARN) of the RAM role in the Alibaba Cloud account to which the elastic container instance belongs.

acs:ram::1609982529******:role/role-assume
ArnUserstringNo

The ARN of the RAM role in the Alibaba Cloud account to which the Container Registry Enterprise Edition instance belongs.

acs:ram::1298452580******:role/role-acr
SpotDurationlongNo

The protection period of the preemptible elastic container instance. Unit: hours. Default value: 1. A value of 0 indicates no protection period.

1
StrictSpotbooleanNo

Specifies whether to enable periodical execution.

  • true: enables periodical execution.
  • false: disables periodical execution.
true
PlainHttpRegistrystringNo

The address of the self-managed image repository. When you create an elastic container instance by using an image in a self-managed image repository that uses the HTTP protocol, you must specify this parameter. This way, Elastic Container Instance pulls the image over the HTTP protocol instead of the default HTTPS protocol. This prevents image pull failures caused by different protocols.

"harbor***.pre.com,192.168.XX.XX:5000,reg***.test.com:80"
InsecureRegistrystringNo

The address of the self-managed image repository. When you create an elastic container instance by using an image in a self-managed image repository that uses a self-signed certificate, you must specify this parameter to skip the certificate authentication. This prevents image pull failures caused by certificate authentication failures.

"harbor***.pre.com,192.168.XX.XX:5000,reg***.test.com:80"
ImageAccelerateModestringNo

The image acceleration mode. Valid values:

  • nydus: uses Nydus to accelerate image pulling. The images must support Nydus.
  • dadi: uses DADI to accelerate image pulling. The images must support DADI.
  • p2p: uses P2P to accelerate image pulling. The images must support p2p.
  • imc: uses image caches to accelerate image pulling.
imc
Ipv6GatewayBandwidthEnablebooleanNo

Specifies whether to enable Internet access to the elastic container instance over IPv6 addresses.

true
Ipv6GatewayBandwidthstringNo

The maximum IPv6 Internet bandwidth when you set Ipv6GatewayBandwidthEnable to true. Valid values:

  • If the billing method for IPv6 network usage is pay-by-bandwidth, the maximum IPv6 Internet bandwidth ranges from 1 to 2,000 Mbit/s.

  • If the billing method for IPv6 network usage is pay-by-traffic, the maximum IPv6 Internet bandwidth varies based on the edition of the IPv6 gateway.

    • If the IPv6 gateway is of Free Edition, the maximum IPv6 Internet bandwidth ranges from 1 to 200 Mbit/s.
    • If the IPv6 gateway is of Enterprise Edition, the maximum IPv6 Internet bandwidth ranges from 1 to 500 Mbit/s.
    • If the IPv6 gateway is of Enhanced Enterprise Edition, the maximum IPv6 Internet bandwidth ranges from 1 to 1000 Mbit/s.

The default value is the maximum value in the Internet bandwidth range of the IPv6 gateway.

100
ContainerResourceViewbooleanNo

Specifies whether to enable container resource view. Container resource view displays the actual container resource data instead of data of the host. If the specifications of the generated elastic container instance are larger than the specifications that you request for when you create the instance, you can enable the ContainerResourceView feature to ensure that the resources that you view in the container are the same as the resources that you request for.

false
FixedIpstringNo

Specifies whether to configure the instance to use a fixed IP address. For more information, see Configure an elastic container instance to use a fixed IP address.

true
FixedIpRetainHourintegerNo

The retention period of the fixed IP address after the original instance is released and the fixed IP address becomes idle. Unit: hours. Default value: 48.

24
DataCacheBucketstringNo

The bucket that stores the data cache.

default
DataCachePLstringNo

The performance level (PL) of the disk that you want to use to store data caches.
Enhanced SSDs (ESSDs) are preferentially used to store data caches. The default performance level is PL1.

PL1
DataCacheProvisionedIopslongNo

The input/output operations per second (IOPS) provisioned for ESSDs AutoPL when ESSDs AutoPL are used to store data caches.
Valid values: 0 to min{50000, 1000 × Storage capacity - Baseline IOPS}. Baseline IOPS = min{1,800 + 50 × Storage capacity, 50,000}.
For more information, see ESSDs AutoPL.

40000
DataCacheBurstingEnabledbooleanNo

Specifies whether to enable the performance burst feature when ESSDs AutoPL are used to store data caches. For more information, see ESSDs AutoPL.

false
DryRunbooleanNo

Specifies whether to perform only a dry run, without performing the actual request. Valid values:

  • true: performs only a dry run. The system checks the request for potential issues, including missing parameter values, incorrect request syntax, service limits, and available resources. If the request passes the dry run, the DryRunOperation error code is returned. Otherwise, an error message is returned.
  • false (default): performs a dry run and performs the actual request. If the request passes the dry run, the elastic container instance is created.
false
PrivateIpAddressstringNo

The private IP address of the elastic container instance. Only IPv4 addresses are supported. Make sure that the IP address is idle.

172.16.0.1
OverheadReservationOptionobjectNo

The options that you can configure when you enable the overhead reservation feature.

EnableOverheadReservationbooleanNo

Specify whether to enable the overhead reservation feature. Default: false. Valid values: true and false. After you enable the overhead reservation feature, the system automatically adds the overhead to the specification of the elastic container instance, and then adjusts the specification of the instance upward to the most approximate specification. You are charged based on the new specification after the adjustment.

true
OsTypestringNo

The operating system of the elastic container instance. Default value: Linux. Valid values:

  • Linux
  • Windows
Note Windows instances are in invitational preview. To use the operating system, submit a ticket.
Windows
CpuArchitecturestringNo

The CPU architecture of the instance. Default value: AMD64. Valid values:

  • AMD64
  • ARM64
ARM64
ComputeCategoryarrayNo

The compute category of the instance. For more information, see Specify a compute category to create an elastic container instance.

stringNo

The compute category of the instance. Valid values:

  • economy: economy compute category
  • general: general compute category

You can specify multiple compute categories. The system selects the type for the elastic container instance based on the specified order of the compute categories.

economy
GpuDriverVersionstringNo

The version of the GPU driver. Default value: tesla=470.82.01. Valid values:

  • tesla=470.82.01
  • tesla=525.85.12
Note You can switch the GPU driver version only for a few Elastic Compute Service (ECS) instance types. For more information, see Specify GPU-accelerated ECS instance types to create an elastic container instance.
tesla=525.85.12

Response parameters

ParameterTypeDescriptionExample
object
RequestIdstring

The request ID.

89945DD3-9072-47D0-A318-353284CFC7B3
ContainerGroupIdstring

The ID of the instance.

eci-uf6fonnghi50u374****

Examples

Sample success responses

JSONformat

{
  "RequestId": "89945DD3-9072-47D0-A318-353284CFC7B3\t",
  "ContainerGroupId": "eci-uf6fonnghi50u374****"
}

Error codes

HTTP status codeError codeError messageDescription
400Account.ArrearageYour account has an outstanding payment.Your account has an outstanding payment.
400DryRunOperationRequest validation has been passed with DryRun flag set.Request validation has been passed with DryRun flag set.
400InvalidParameter.CPU.MemoryThe specified cpu and memory are not allowed-
400InvalidParameter.DuplicatedNameThe container group include containers with duplicate names.-
400InvalidParameter.DuplicatedVolumeNameThe container group includes volumes with duplicate names.The container group includes volumes with duplicate names.
400IncorrectStatus%s-
400ServiceNotEnabled%sYou have not activated the service that is required for processing this request.
400ImageSnapshot.IncorrectStatus%sThe status of the specified snapshot is invalid.
400ImageSnapshot.NotSupport%sImage caching based on data disk snapshots is not available for all users. If you want to enable this function, contact us.
400DiskVolume.NotSupportThe disk volume is not supported.Disk volume does not support your structure. If you want to enable this function, contact us.
400RamRole.NotSupportThe RAM role is not supported.The RAM role is not supported.
400DiskNumber.LimitExceedThe maximum number of disks in an instance is exceeded.The maximum number of disks in an instance is exceeded.
400InvalidPaymentMethod.InsufficientBalanceNo payment method is specified for your account. We recommend that you add a payment method or add funds to the prepayment balance.No payment method is specified for your account. We recommend that you add a payment method or add funds to the prepayment balance.
400DiskVolume.NotInSameZoneThe instance to be created and the disk are not in the same zone.The instance to be created and the disk are not in the same zone.
400NoPermissionYou are not authorized to use the "Product on ECI" feature.-
400HighCpuMemConfigRequiredYou need to apply to be added to the whitelist of the specified CPU and memory.You need to apply to be added to the whitelist of the specified CPU and memory.
400RecommendEmpty.InstanceTypeFamilyNotMatchedThe recommended instance type is unavailable in the current zone. Try again later.-
400LocalDiskAmountNotMatchThe number of local volumes does not match the instance type.-
400Payfor.CreditPayInsufficientBalanceYour payment credit line is insufficient.Your payment credit line is insufficient.
400InvalidOperation.KMS.InstanceTypeNotSupportThe specified instance is invalid. Only I/O optimized instances support KMS key.The specified instance is invalid. Only I/O optimized instances support KMS key.
400InvalidParameter.Encrypted.KmsNotEnabledKMS must be enabled for encrypted disks.-
400InvalidParameter.KMS.EncryptedIllegalAfter configuring the parameter KmsKeyId, you must enable encryption.After configuring the parameter KmsKeyId, you must enable encryption.
400InvalidSpotCpuMemorySpecThe specified CPU and memory are not allowed. You must create spot ECI using standard ECS specifications for CPU and memory.-
400Ipv6AddressNotSupportVswIPv6 is not supported in the specified vSwitch.-
400Ipv6AddressNotSupportIpv6 is not supported in specified region.-
400Ipv6AddressNotSupportInstanceTypeIPv6 is not supported for the specified instance type.-
400EipPayInsufficientBalanceYour account does not have enough balance to purchase eip.-
400EipPurchaseFlowControlRequest was denied due to eip frequent purchase.-
400ThrottlingYou have made too many requests within a short time; your request is denied due to request throttling-
400ThrottlingYou have made too many requests within a short time; your request is denied due to request throttling.You have made too many requests within a short time; your request is denied due to request throttling.
400JobInstanceBatchCreateNotSupportECI job instance not support batch create-
400JobInstanceDiskNotSupportECI job instance not support disk volume-
400JobInstanceEipNotSupportECI job instance not support eip-
400JobInstanceFeatureNotMatchECI job instance feature not match-
400JobInstanceImageCacheNotSupportECI job instance not support image cache-
400JobInstanceIPv6NotSupportECI job instance not support IPv6-
400JobInstanceRamRoleNotSupportECI job instance not support ram role-
400JobInstanceRegionNotSupportECI job instance not support in this region-
400JobInstanceSpotNotSupportECI job instance not support spot-
400LocalDiskAmountNotMatchThe amount of local volume is not matched with instance type.The amount of local volume is not matched with instance type.
400InvalidInstanceTypeForEciSpotDurationBuyCurrent instance type does not support spot duration instance.-
400InvalidInstanceTypeForEciBuySales of this current instance type is not supported in eci.-
400InstanceTypeNotMatchCpuArch%s.-
400JobInstanceEcsInstanceTypeNotSupportJob-optimized elastic container instances cannot be created by specifying ECS instance types.-
400PrivatePoolInstanceSpotNotSupportSpot is not supported for PrivatePool.-
400DryRun.SuccessThis request is a dryrun request with successful result.-
400PrivateIpAddress.Already.InUseThe specific PrivateIpAddress already in use.-
400IncorrectOperation%sYou cannot perform this operation on the specified resource.
400FeatureBasedConstraintConflictA conflict occurs in specified feature constraints: [%s].A conflict occurs in specified feature constraints
400OperationFailed.RiskControl%s.We have detected that your account has security risks. Please contact customer service personnel for details.
403OperationDenied.VswZoneMisMatchThe specified VSwitchId is not in the specified Zone.-
403QuotaExceeded%s quota exceeded.-
403Zone.NotOnSaleThe specified zone is not available for purchase.-
403Forbidden.RiskControlThis operation has been identified as an abnormal operation and cannot be processed.-
403Forbidden.SubUserThe specified action is not available for you.The specified action is not available for you.
403Forbidden.OnlyForInvitedTestEci create action is only open to invited users during public beta.Eci create action is only open to invited users during public beta.
403OperationDenied.SecurityGroupMisMatchThe specified VSwitchId and SecurityGroupId are not in the same VPC.The specified VSwitchId and SecurityGroupId are not in the same VPC.
403InvalidVSwitchId.IpNotEnoughThe specified VSwitch does not have enough IP addresses.-
403Forbidden.UserBussinessStatusThis operation is not allowed, because you have overdue bills. Pay the overdue bill and try again.-
403Forbidden.UserNotRealNameAuthenticationThis operation is not allowed, because you have not passed the real-name verification.-
403InvalidUser.PassRoleForbiddenThe RAM user is not authorized to assume a RAM role.The RAM user is not authorized to assume a RAM role.
403NoPermissionThe RAM role does not belong to ECS.-
403OperationDenied.NoStockSales of this resource are temporarily suspended in the specified zone. We recommend that you use the multi-zone creation function to avoid the risk of insufficient resource. For more information, see https://help.aliyun.com/document_detail/157290.html-
403InvalidParameter.KMS.KeyId.ForbiddenYou are not authorized to access the specified KMSKeyId.You are not authorized to access the specified KMSKeyId.
403NoPermissionThe RAM role AliyunECIContainerGroupRole does not belong to eci.aliyuncs.com. Please check and try again.-
403Forbidden.AccountClosedThe operation is forbidden. Your account has been closed.-
403InvalidOperation.ResourceManagedByCloudProductThe operation is forbidden. The security group has been managed by another cloud product.-
403Spot.NotMatched%s. We recommend that you use the create multi-zone function to avoid insufficient inventory. For more information, see https://help.aliyun.com/document_detail/157290.html-
403SecurityRisk.3DVerificationWe have detected a security risk with your default credit or debit card. Please proceed with verification via the link in your email.-
403CreateServiceLinkedRole.DeniedPlease make sure the account has ram:CreateServiceLinkedRole permission.Please make sure the account has ram:CreateServiceLinkedRole permission.
403Throttling.Vcpu.PerDayThe maximum number of request for the day has been exceeded.The maximum number of request for the day has been exceeded.
403OperationDenied.NoStockSales of this resource with specified features are temporarily suspended in the specified region; please check the instance type features and try again later.Sales of this resource with specified features are temporarily suspended in the specified region; please check the instance type features and try again later.
403FeatureAccessRestrictedAccess to this feature:[%s] is restricted. Please contact Alibaba Cloud ECI support to request access.Access to this feature is restricted. Please contact Alibaba Cloud ECI support to request access.
404ImageSnapshot.NotFoundThe specified snapshot does not exist.-
404InvalidDiskId.NotFoundThe specified disk does not exist.-
404InvalidParameter.KMS.KeyId.NotFoundThe specified KMSKeyId does not exist.The specified KMSKeyId does not exist.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-06-19The Error code has changedView Change Details
2024-04-12The Error code has changedView Change Details
2024-04-12The Error code has changed. The request parameters of the API has changedView Change Details
2023-12-27The Error code has changed. The request parameters of the API has changedView Change Details
2023-12-25The Error code has changed. The request parameters of the API has changedView Change Details
2023-12-25The Error code has changed. The request parameters of the API has changedView Change Details
2023-12-13The Error code has changed. The request parameters of the API has changedView Change Details
2023-12-06The Error code has changed. The request parameters of the API has changedView Change Details
2023-09-19The Error code has changedView Change Details
2023-09-12The Error code has changedView Change Details
2023-08-07The Error code has changedView Change Details
2023-08-04The Error code has changed. The request parameters of the API has changedView Change Details
2023-07-21The Error code has changed. The request parameters of the API has changedView Change Details
2023-06-27The Error code has changedView Change Details
2023-06-12The Error code has changed. The request parameters of the API has changedView Change Details
2023-06-08The Error code has changed. The request parameters of the API has changedView Change Details
2023-06-07The Error code has changed. The request parameters of the API has changedView Change Details
2023-04-03The Error code has changed. The request parameters of the API has changedView Change Details
2023-03-30The Error code has changedView Change Details
2023-03-24The Error code has changed. The request parameters of the API has changedView Change Details