Resource Orchestration Service: ALIYUN::CS::ASKCluster

Last Updated: Oct 29, 2024

ALIYUN::CS::ASKCluster is used to create an ACK Serverless cluster of Container Service for Kubernetes (ACK).

Syntax

{
  "Type": "ALIYUN::CS::ASKCluster",
  "Properties": {
    "KubernetesVersion": String,
    "EndpointPublicAccess": Boolean,
    "ZoneId": String,
    "ResourceGroupId": String,
    "VSwitchIds": List,
    "SecurityGroupId": String,
    "Addons": List,
    "DeletionProtection": Boolean,
    "ClusterSpec": String,
    "Name": String,
    "TimeZone": String,
    "ServiceDiscoveryTypes": List,
    "VpcId": String,
    "ServiceCidr": String,
    "SnatEntry": Boolean,
    "Tags": List,
    "PrivateZone": Boolean,
    "DeleteOptions": List
  }
}

Properties

| Property | Type | Required | Editable | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| KubernetesVersion | String | No | Yes | The version of the cluster. | None. |
| EndpointPublicAccess | Boolean | No | No | Specifies whether to enable Internet access to the API server of the cluster. | Valid values: • true (default): enables Internet access to the API server of the cluster. • false: disables Internet access to the API server of the cluster. If you use this value, the API server of the cluster cannot be accessed over the Internet. |
| ZoneId | String | No | No | The ID of the zone that belongs to the region of the cluster. | If you do not specify VpcId and VSwitchIds when you create an ACK Serverless cluster, you must specify ZoneId for the cluster to automatically create virtual private cloud (VPC) resources in the zone. |
| ResourceGroupId | String | No | Yes | The ID of the resource group to which the cluster belongs. | None. |
| VSwitchIds | List | No | No | The IDs of the vSwitches to which the nodes in the cluster are connected. | You can specify up to three vSwitches. Note: You must specify this property when you create an ACK managed cluster that does not contain nodes. |
| SecurityGroupId | String | No | No | The ID of the security group to which the Elastic Compute Service (ECS) instances in the cluster belong. | None. |
| Addons | List | No | No | The components in the cluster. | None. |
| DeletionProtection | Boolean | No | No | Specifies whether to enable deletion protection to prevent the cluster from being accidentally deleted in the ACK console or by calling specific ACK API operations. | Valid values: • true • false (default) |
| ClusterSpec | String | No | No | The type of the ACK managed cluster. | Valid values: • ack.pro.small: ACK Pro cluster • ack.standard (default): ACK standard cluster. Note: If you leave this property empty, an ACK standard cluster is created. For more information, see Overview of ACK Pro clusters. |
| Name | String | Yes | No | The cluster name. | The name must be 1 to 63 characters in length, and can contain digits, letters, and hyphens (-). It cannot start with a hyphen (-). |
| TimeZone | String | No | No | The time zone of the cluster. | None. |
| ServiceDiscoveryTypes | List | No | No | The methods for implementing service discovery in the cluster. | Valid values: • CoreDNS: CoreDNS, which is a standard service discovery plug-in that is provided by open source Kubernetes. You must provision pods for Domain Name System (DNS) resolution. By default, two elastic container instances are used. The specifications of each instance are 0.25 vCPUs and 512 MiB of memory. • PrivateZone: Alibaba Cloud DNS PrivateZone. By default, Alibaba Cloud DNS PrivateZone is not activated. You must activate it before you use it to implement service discovery. |
| VpcId | String | No | No | The VPC of the cluster. | None. |
| ServiceCidr | String | No | No | The Service CIDR block. | Valid values: 10.0.0.0/16-24, 172.16-31.0.0/16-24, and 192.168.0.0/16-24. The Service CIDR block cannot overlap with the VPC CIDR block 10.1.0.0/21 or the CIDR blocks of existing ACK clusters in the VPC. You cannot change the Service CIDR block after you create the cluster. Note: By default, 172.19.0.0/20 is used as the Service CIDR block. |
| SnatEntry | Boolean | No | No | Specifies whether to configure SNAT rules for the VPC. | Valid values: • true (default): If you set this property to true, the system creates a NAT gateway and configures SNAT rules. You must use this value if nodes and applications in the cluster need to access the Internet. • false: If you set this property to false, the system does not create a NAT gateway or configure SNAT rules. In this case, nodes and applications in the cluster cannot access the Internet. Note: If you set this property to false when you create the cluster, you can manually enable Internet access to meet your business requirements after you create the cluster. For more information, see Enable an existing ACK cluster to access the Internet. |
| Tags | List | No | Yes | The labels that you want to add to the nodes. | You must add labels based on the following rules: • Each label is a case-sensitive key-value pair. You can add up to 20 labels. • A label key must be unique and can be up to 64 characters in length. A label value can be an empty string or up to 128 characters in length. Label keys and label values cannot start with aliyun, acs:, https://, or http://. For more information, see Labels and selectors. |
| PrivateZone | Boolean | No | No | Specifies whether to activate Alibaba Cloud DNS PrivateZone. | Valid values: • true • false |

Addons syntax

"Addons": [
  {
    "Config": String,
    "Disabled": Boolean,
    "Name": String
  }
]

Addons properties

| Property | Type | Required | Editable | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| Config | String | No | No | The configurations of the component. | None. |
| Disabled | Boolean | No | No | Specifies whether to disable default installation. | In addition to the required components, specific optional components, such as Simple Log Service (SLS) components, are also installed by default when you create a cluster. You can specify this property to disable the default installation of optional components. You can install the optional component in the ACK console or by calling specific ACK API operations after the cluster is created. Valid values: • true • false |
| Name | String | Yes | No | The component name. | None. |

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

| Property | Type | Required | Editable | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| Value | String | No | No | The label value. | None. |
| Key | String | Yes | No | The label key. | None. |

DeleteOptions syntax

"DeleteOptions": [
  {
    "DeleteMode": String,
    "ResourceType": String
  }
]

DeleteOptions properties

| Property | Type | Required | Editable | Description | Constraint |
| --- | --- | --- | --- | --- | --- |
| DeleteMode | String | No | Yes | The policy that specifies whether to delete the specified type of resources. | Valid values: • delete: deletes the specified type of resources. • retain: retains the specified type of resources. |
| ResourceType | String | No | Yes | The type of the resources. | Valid values: • SLB: Server Load Balancer (SLB) resources created for Services. By default, the SLB resources are deleted. • ALB: Application Load Balancer (ALB) resources created by the ALB Ingress controller. By default, the ALB resources are retained. • SLS_Data: SLS projects used by the cluster logging feature. By default, the SLS projects are retained. • SLS_ControlPlane: SLS projects used by the control plane logs of ACK managed clusters. By default, the SLS projects are retained. • PrivateZone: Alibaba Cloud DNS PrivateZone resources created by ACK Serverless clusters. By default, the Alibaba Cloud DNS PrivateZone resources are retained. |

Return values

Fn::GetAtt

  • TaskId: the task ID.

  • ClusterId: the cluster ID.

  • APIServerSLBId: the ID of the SLB instance that is associated with the API server.

  • ScalingGroupId: the ID of the scaling group.

  • ScalingRuleId: the ID of the scaling rule.

  • DefaultUserKubeConfig: the default kubeconfig file of the cluster credentials.

  • WorkerRamRoleName: the name of the Resource Access Management (RAM) role for the worker nodes.

  • ScalingConfigurationId: the ID of the scaling configuration.

  • PrivateUserKubConfig: the private kubeconfig file of the cluster credentials.

  • Nodes: the nodes in the cluster.

  • IngressSLBId: the ID of the SLB Ingress.

Examples

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Description: Test Create ASKCluster
Parameters: {}
Resources:
  VSwitch:
    Type: ALIYUN::ECS::VSwitch
    Properties:
      VSwitchName: mytest
      VpcId:
        Ref: Vpc
      CidrBlock: 192.168.1.0/24
      ZoneId:
        Fn::Select:
          - '0'
          - Fn::GetAZs:
              Ref: ALIYUN::Region
  Vpc:
    Type: ALIYUN::ECS::VPC
    Properties:
      VpcName: mytest
      CidrBlock: 192.168.0.0/16
  ASKCluster:
    Type: ALIYUN::CS::ASKCluster
    Properties:
      VpcId:
        Ref: Vpc
      ClusterSpec: ack.pro.small
      Name: mytest
      VSwitchIds:
        - Ref: VSwitch
Outputs:
  ClusterId:
    Value:
      Fn::GetAtt:
        - ASKCluster
        - ClusterId
  TaskId:
    Value:
      Fn::GetAtt:
        - ASKCluster
        - TaskId

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Test Create ASKCluster",
  "Parameters": {},
  "Resources": {
    "VSwitch": {
      "Type": "ALIYUN::ECS::VSwitch",
      "Properties": {
        "VSwitchName": "mytest",
        "VpcId": {
          "Ref": "Vpc"
        },
        "CidrBlock": "192.168.1.0/24",
        "ZoneId": {
          "Fn::Select": [
            "0",
            {
              "Fn::GetAZs": {
                "Ref": "ALIYUN::Region"
              }
            }
          ]
        }
      }
    },
    "Vpc": {
      "Type": "ALIYUN::ECS::VPC",
      "Properties": {
        "VpcName": "mytest",
        "CidrBlock": "192.168.0.0/16"
      }
    },
    "ASKCluster": {
      "Type": "ALIYUN::CS::ASKCluster",
      "Properties": {
        "VpcId": {
          "Ref": "Vpc"
        },
        "ClusterSpec": "ack.pro.small",
        "Name": "mytest",
        "VSwitchIds": [
          {
            "Ref": "VSwitch"
          }
        ]
      }
    }
  },
  "Outputs": {
    "ClusterId": {
      "Value": {
        "Fn::GetAtt": [
          "ASKCluster",
          "ClusterId"
        ]
      }
    },
    "TaskId": {
      "Value": {
        "Fn::GetAtt": [
          "ASKCluster",
          "TaskId"
        ]
      }
    }
  }
}
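
Template review check

The example template above leaves EndpointPublicAccess, DeletionProtection, and SnatEntry unset, so the defaults documented in the Properties table apply. The following Python check is an added example, not part of the Alibaba Cloud documentation or tooling: it reports which of these three properties resolve to an Internet-facing or unprotected value. The names audit_template, PAGE_EXAMPLE, and HARDENED are hypothetical, and treating these three values as findings is an assumption of this example.

```python
import copy

# Defaults this page documents for properties a template leaves unset.
DOCUMENTED_DEFAULTS = {
    "EndpointPublicAccess": True,
    "DeletionProtection": False,
    "SnatEntry": True,
}
# Effective value worth flagging for each property, and why (example policy).
FLAG_WHEN = {
    "EndpointPublicAccess": (True, "API server is reachable over the Internet"),
    "DeletionProtection": (False, "no guard against accidental cluster deletion"),
    "SnatEntry": (True, "NAT gateway and SNAT rules give workloads Internet egress"),
}

def as_bool(value):
    """Accept JSON booleans and the 'true'/'false' strings templates may carry."""
    return value.strip().lower() == "true" if isinstance(value, str) else bool(value)

def audit_template(template):
    """Return sorted (resource, property, source, reason) findings."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "ALIYUN::CS::ASKCluster":
            continue
        props = res.get("Properties", {})
        for prop, (flag_value, reason) in FLAG_WHEN.items():
            if prop not in props:
                value, source = DOCUMENTED_DEFAULTS[prop], "default"
            elif isinstance(props[prop], dict):  # Ref / Fn::*: not resolvable offline
                findings.append((name, prop, "unresolved", "set by Ref or function; review by hand"))
                continue
            else:
                value, source = as_bool(props[prop]), "explicit"
            if value == flag_value:
                findings.append((name, prop, source, reason))
    return sorted(findings)

# Constructed input: the ASKCluster resource from the JSON example on this page.
PAGE_EXAMPLE = {"Resources": {"ASKCluster": {
    "Type": "ALIYUN::CS::ASKCluster",
    "Properties": {"VpcId": {"Ref": "Vpc"}, "ClusterSpec": "ack.pro.small",
                   "Name": "mytest", "VSwitchIds": [{"Ref": "VSwitch"}]}}}}
# Constructed hardened variant: private API server, deletion guard, no NAT gateway.
HARDENED = copy.deepcopy(PAGE_EXAMPLE)
HARDENED["Resources"]["ASKCluster"]["Properties"].update(
    EndpointPublicAccess=False, DeletionProtection=True, SnatEntry=False)

if __name__ == "__main__":
    for finding in audit_template(PAGE_EXAMPLE):
        print(" | ".join(finding))
```

EndpointPublicAccess and SnatEntry are not editable after creation according to the Properties table, so a check like this belongs before the stack is created.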