All Products
Search
Document Center

Resource Orchestration Service:ALIYUN::CS::ASKCluster

Last Updated:Dec 13, 2024

ALIYUN::CS::ASKCluster is used to create a Container Service for Kubernetes (ACK) Serverless cluster.

Syntax

{
  "Type": "ALIYUN::CS::ASKCluster",
  "Properties": {
    "KubernetesVersion": String,
    "EndpointPublicAccess": Boolean,
    "ZoneId": String,
    "ResourceGroupId": String,
    "VSwitchIds": List,
    "SecurityGroupId": String,
    "Addons": List,
    "DeletionProtection": Boolean,
    "ClusterSpec": String,
    "Name": String,
    "TimeZone": String,
    "ServiceDiscoveryTypes": List,
    "VpcId": String,
    "ServiceCidr": String,
    "SnatEntry": Boolean,
    "Tags": List,
    "PrivateZone": Boolean,
    "DeleteOptions": List
  }
}

Properties

Property

Type

Required

Editable

Description

Constraint

KubernetesVersion

String

No

Yes

The version of the cluster.

None.

EndpointPublicAccess

Boolean

No

No

Specifies whether to enable Internet access to the API server of the cluster.

Valid values:

  • true (default): enables Internet access to the API server of the cluster.

  • false: disables Internet access to the API server of the cluster.

ZoneId

String

No

No

The ID of the zone in which the cluster resides.

If you do not specify VpcId and VSwitchIds when you create an ACK Serverless cluster, you must specify ZoneId for the cluster to automatically create virtual private cloud (VPC) resources in the zone.

ResourceGroupId

String

No

Yes

The ID of the resource group to which the cluster belongs.

None.

VSwitchIds

List

No

No

The IDs of the vSwitches to which the nodes in the cluster are connected.

You can specify up to three vSwitches.

Note

You must specify this property when you create an ACK managed cluster that does not contain nodes.

SecurityGroupId

String

No

No

The ID of the security group to which the Elastic Compute Service (ECS) instances in the cluster belong.  

None.

Addons

List

No

No

The components in the cluster.

None.

DeletionProtection

Boolean

No

No

Specifies whether to enable deletion protection to prevent the cluster from being accidentally deleted by using the ACK console or API.

Valid values:

  • true

  • false (default)

DeleteOptions

List

No

Yes

The options for deleting or retaining resources associated with the cluster.

For more information, see the "DeleteOptions properties" section of this topic.

ClusterSpec

String

No

No

The type of the ACK managed cluster.

Valid values:

  • ack.pro.small: ACK Pro cluster

  • ack.standard (default): ACK Basic cluster

Note

If you leave this property empty, an ACK Basic cluster is created.

For more information, see Overview of ACK Pro clusters.

Name

String

Yes

No

The cluster name.

The name must be 1 to 63 characters in length, and can contain digits, letters, and hyphens (-). It cannot start with a hyphen (-).

TimeZone

String

No

No

The time zone of the cluster.

None.

ServiceDiscoveryTypes

List

No

No

The methods for implementing service discovery in the cluster. This property is used for ACK Serverless clusters.

Valid values:

  • CoreDNS: a standard service discovery plug-in provided by open source Kubernetes. To use the Domain Name System (DNS) resolution, you must provision pods. By default, two elastic container instances are used. The specifications of each instance are 0.25 vCPUs and 512 MiB of memory.

  • PrivateZone: Alibaba Cloud DNS PrivateZone. By default, Alibaba Cloud DNS PrivateZone is not activated. You must activate it before you use it to implement service discovery.

VpcId

String

No

No

The VPC of the cluster.

None.

ServiceCidr

String

No

No

The Service CIDR block.

Valid values: 10.0.0.0/16-24, 172.16-31.0.0/16-24, and 192.168.0.0/16-24. The Service CIDR block cannot overlap with the VPC CIDR block 10.1.0.0/21 or the CIDR blocks of existing ACK clusters in the VPC. You cannot change the Service CIDR block after you create the cluster.

Note

By default, 172.19.0.0/20 is used as the Service CIDR block.

SnatEntry

Boolean

No

No

Specifies whether to configure SNAT rules for the VPC.

Valid values:

  • true (default): If you set this property to true, the system creates a NAT gateway and configures SNAT rules. You must use this value if nodes and applications in the cluster need to access the Internet.

  • false: If you set this property to false, the system does not create a NAT gateway or configure SNAT rules. In this case, nodes and applications in the cluster cannot access the Internet.

Note

If you set this property to false when you create the cluster, you can manually enable Internet access to meet your business requirements after you create the cluster. For more information, see Enable an existing ACK cluster to access the Internet.

Tags

List

No

Yes

The labels that you want to add to the nodes.

You must add labels based on the following rules:

  • Each label is a case-sensitive key-value pair. You can add up to 20 labels.

  • A label key must be unique and can be up to 64 characters in length. A label value can be an empty string or up to 128 characters in length. Label keys and label values cannot start with aliyun, acs:, https://, or http://. For more information, see Labels and Selectors.

PrivateZone

Boolean

No

No

Specifies whether to activate Alibaba Cloud DNS PrivateZone.

Valid values:

  • true

  • false

Addons syntax

"Addons": [
  {
    "Config": String,
    "Disabled": Boolean,
    "Name": String
  }
]

Addons properties

Property

Type

Required

Editable

Description

Constraint

Config

String

No

No

The configurations of the component.

None.

Disabled

Boolean

No

No

Specifies whether to disable default installation.

In addition to the required components, specific optional components, such as Simple Log Service (SLS) components, are also installed by default when you create a cluster. You can specify this property to disable the default installation of optional components. You can install the optional component by using the ACK console or API after the cluster is created.

Valid values:

  • true

  • false

Name

String

Yes

No

The component name.

None.

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

Property

Type

Required

Editable

Description

Constraint

Value

String

No

No

The label key.

None.

Key

String

Yes

No

The label value.

None.

DeleteOptions syntax

"DeleteOptions": [
  {
    "DeleteMode": String,
    "ResourceType": String
  }
]

DeleteOptions properties

Property

Type

Required

Editable

Description

Constraint

DeleteMode

String

No

Yes

The policy that specifies whether to delete the specified type of resources.

Valid values:

  • delete: deletes the specified type of resources.

  • retain: retains the specified type of resources.

ResourceType

String

No

Yes

The type of the resources.

Valid values:

  • SLB: Server Load Balancer (SLB) resources created for Services. By default, the SLB resources are deleted.

  • ALB: Application Load Balancer (ALB) resources created by the ALB Ingress controller. By default, the ALB resources are retained.

  • SLS_Data: SLS projects used by the cluster logging feature. By default, the SLS projects are retained.

  • SLS_ControlPlane: SLS projects used by the control plane logs of ACK managed clusters. By default, the SLS projects are retained.

  • PrivateZone: Alibaba Cloud DNS PrivateZone resources created by ACK Serverless clusters. By default, the Alibaba Cloud DNS PrivateZone resources are retained.

Return values

Fn::GetAtt

  • TaskId: the task ID.

  • ClusterId: the cluster ID.

  • APIServerSLBId: the ID of the SLB instance that is associated with the API server.

  • ScalingGroupId: the ID of the scaling group.

  • ScalingRuleId: the ID of the scaling rule.

  • DefaultUserKubeConfig: the default kubeconfig file of the cluster credentials.

  • WorkerRamRoleName: the name of the Resource Access Management (RAM) role for the worker nodes.

  • ScalingConfigurationId: the ID of the scaling configuration.

  • PrivateUserKubConfig: the private kubeconfig file of the cluster credentials.

  • Nodes: the nodes in the cluster.

  • IngressSLBId: the ID of the SLB Ingress.

Examples

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Description: Test Create ASKCluster
Parameters: {}
Resources:
  VSwitch:
    Type: ALIYUN::ECS::VSwitch
    Properties:
      VSwitchName: mytest
      VpcId:
        Ref: Vpc
      CidrBlock: 192.168.1.0/24
      ZoneId:
        Fn::Select:
          - '0'
          - Fn::GetAZs:
              Ref: ALIYUN::Region
  Vpc:
    Type: ALIYUN::ECS::VPC
    Properties:
      VpcName: mytest
      CidrBlock: 192.168.0.0/16
  ASKCluster:
    Type: ALIYUN::CS::ASKCluster
    Properties:
      VpcId:
        Ref: Vpc
      ClusterSpec: ack.pro.small
      Name: mytest
      VSwitchIds:
        - Ref: VSwitch
Outputs:
  ClusterId:
    Value:
      Fn::GetAtt:
        - ASKCluster
        - ClusterId
  TaskId:
    Value:
      Fn::GetAtt:
        - ASKCluster
        - TaskId

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Test Create ASKCluster",
  "Parameters": {},
  "Resources": {
    "VSwitch": {
      "Type": "ALIYUN::ECS::VSwitch",
      "Properties": {
        "VSwitchName": "mytest",
        "VpcId": {
          "Ref": "Vpc"
        },
        "CidrBlock": "192.168.1.0/24",
        "ZoneId": {
          "Fn::Select": [
            "0",
            {
              "Fn::GetAZs": {
                "Ref": "ALIYUN::Region"
              }
            }
          ]
        }
      }
    },
    "Vpc": {
      "Type": "ALIYUN::ECS::VPC",
      "Properties": {
        "VpcName": "mytest",
        "CidrBlock": "192.168.0.0/16"
      }
    },
    "ASKCluster": {
      "Type": "ALIYUN::CS::ASKCluster",
      "Properties": {
        "VpcId": {
          "Ref": "Vpc"
        },
        "ClusterSpec": "ack.pro.small",
        "Name": "mytest",
        "VSwitchIds": [
          {
            "Ref": "VSwitch"
          }
        ]
      }
    }
  },
  "Outputs": {
    "ClusterId": {
      "Value": {
        "Fn::GetAtt": [
          "ASKCluster",
          "ClusterId"
        ]
      }
    },
    "TaskId": {
      "Value": {
        "Fn::GetAtt": [
          "ASKCluster",
          "TaskId"
        ]
      }
    }
  }
}