Use ALIYUN::CS::ManagedEdgeKubernetesCluster to create an ACK edge cluster - Resource Orchestration Service

ALIYUN::CS::ManagedEdgeKubernetesCluster is used to create a Container Service for Kubernetes (ACK) edge cluster.

Syntax

{ 
  "Type": "ALIYUN::CS::ManagedEdgeKubernetesCluster",
  "Properties": {
    "NumOfNodes": Number,
    "Profile": String,
    "VpcId": String,
    "ServiceCidr": String,
    "Name": String,
    "Tags": List,
    "ProxyMode": String,
    "DisableRollback": Boolean,
    "SnatEntry": Boolean,
    "VSwitchIds": List,
    "LoginPassword": String,
    "WorkerSystemDiskSize": Number,
    "KeyPair": String,
    "Addons": List,
    "WorkerDataDiskCategory": String,
    "EndpointPublicAccess": Boolean,
    "WorkerDataDisk": Boolean,
    "WorkerSystemDiskCategory": String,
    "WorkerDataDiskSize": Integer,
    "TimeoutMins": Number,
    "ClusterSpec": String,
    "ContainerCidr": String,
    "CloudMonitorFlags": Boolean,
    "WorkerInstanceTypes": List,
    "IsEnterpriseSecurityGroup": Boolean,
    "AutoRenewPeriod": Number,
    "ChargeType": String,
    "AutoRenew": Boolean,
    "Period": Number,
    "NodeCidrMask": String,
    "PeriodUnit": String,
    "DeletionProtection": Boolean,
    "ZoneIds": List,
    "ResourceGroupId": String,
    "WorkerDataDisks": List
  }
}

Properties

Property	Type	Required	Editable	Description	Constraint
Name	String	Yes	No	The cluster name.	The name must start with a letter or digit. It can contain letters, digits, and hyphens (-).
NumOfNodes	Number	Yes	No	The number of worker nodes.	Valid values: 0 to 300.
Addons	List	No	No	The components that you want to install in the cluster.	Network component: The Flannel and Terway components are supported. You must use one of the components when you create the cluster. Value format when you use the Flannel component: `[{"Name":"flannel","Config":""}]`. Value format when you use the Terway component: `[{"Name": "terway-eniip","Config": ""}]`. Storage component: The Container Storage Interface (CSI) and FlexVolume components are supported. Value format when you use the CSI component: `[{"Name":"csi-plugin","Config": ""},{"Name": "csi-provisioner","Config": ""}]`. Value format when you use the FlexVolume component: `[{"Name": "flexvolume","Config": ""}]`. (Optional) Simple Log Service (SLS) component: Note If you do not activate SLS, you cannot use the cluster auditing feature. Value format when you use an existing SLS project: `[{"Name": "logtail-ds","Config": "{\"IngressDashboardEnabled\":\"true\",\"sls_project_name\":\"your_sls_project_name\"}"}]`. Value format when you create an SLS project: `[{"Name": "logtail-ds","Config": "{\"IngressDashboardEnabled\":\"true\"}"}]`. (Optional) Ingress component: By default, the nginx-ingress-controller component is installed in ACK dedicated clusters. Value format when you install the nginx-ingress-controller component and enable Internet access: `[{"Name":"nginx-ingress-controller","Config":"{\"IngressSlbNetworkType\":\"internet\"}"}]`. Value format when you do not install the nginx-ingress-controller component: `[{"Name": "nginx-ingress-controller","Config": "","Disabled": true}]`. (Optional) Event center: By default, the event center feature is enabled. You can use event centers to store and query Kubernetes events and configure alerts. You can use the Logstores that are associated with event centers for free within 90 days. For more information, see Create and use an event center. Value format when you enable the event center feature: `[{"Name":"ack-node-problem-detector","Config":"{\"sls_project_name\":\"your_sls_project_name\"}"}]`. For more information, see Addons properties.
AutoRenew	Boolean	No	No	Specifies whether to enable auto-renewal.	This property takes effect when ChargeType is set to PrePaid. Valid values: true (default) false
AutoRenewPeriod	Number	No	No	The auto-renewal period.	This property takes effect when ChargeType is set to PrePaid and AutoRenew is set to true. Valid values when PeriodUnit is set to Week: 1 to 3. Valid values when PeriodUnit is set to Month: 1, 2, 3, 6, and 12. Default value: 1.
ChargeType	String	No	No	The billing method.	Valid values: PrePaid: subscription PostPaid (default): pay-as-you-go
CloudMonitorFlags	Boolean	No	No	Specifies whether to install the CloudMonitor agent.	Valid values: true false (default)
ClusterSpec	String	No	No	The type of the ACK managed cluster.	Valid values: ack.pro.small: ACK edge Pro cluster ack.standard (default): ACK edge standard cluster
ContainerCidr	String	No	No	The pod CIDR block.	You must specify this property when you create a cluster in which the Flannel component is used. The pod CIDR block must be one of the following virtual private cloud (VPC) CIDR blocks or their subnets: 10.0.0.0/8 172.16-31.0.0/12-16 192.168.0.0/16 The pod CIDR block cannot overlap with the VPC CIDR block or with the CIDR blocks of existing clusters in the VPC. You cannot change the pod CIDR block after the cluster is created. For more information, see Plan the network of an ACK cluster.
DeletionProtection	Boolean	No	No	Specifies whether to enable deletion protection.	After you enable deletion protection, you cannot delete the cluster by using the ACK console or by calling specific ACK API operations. Valid values: true false (default)
DisableRollback	Boolean	No	No	Specifies whether to disable rollback for resources if the cluster fails to be created.	Valid values: true (default) false Note If you set this property to false, the resources that are generated during the cluster creation are released when the cluster fails to be created. We recommend that you set this property to true.
EndpointPublicAccess	Boolean	No	No	Specifies whether to allow the cluster to access the API server over the Internet.	Valid values: true (default) false
IsEnterpriseSecurityGroup	Boolean	No	No	Specifies whether to create an advanced security group.	This property takes effect when SecurityGroupId is left empty. Valid values: true: creates an advanced security group. If you install the Terway component in a cluster, you must create an advanced security group. false (default): does not create an advanced security group.
KeyPair	String	No	No	The name of the key pair.	You must specify LoginPassword or KeyPair.
LoginPassword	String	No	No	The logon password.	The password must be 8 to 30 characters in length. It must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. The following special characters are supported: ( ) ` ~ ! @ # $ % ^ & * - + = \| { } [ ] : ; ‘ < > , . ? /. You must specify LoginPassword or KeyPair.
NodeCidrMask	String	No	No	The maximum number of CIDR blocks that can be assigned to the nodes.	The value of this property varies based on the pod CIDR block. This property takes effect only when you use the Flannel component in the cluster. Default value: 25.
Period	Number	No	No	The subscription duration of the cluster.	You must specify this property when ChargeType is set to PrePaid. Valid values when PeriodUnit is set to Week: 1 to 4. Valid values when PeriodUnit is set to Month: 1, 2, 3, 4, 5, 6, 7, 8, 9, 12, 24, 36, 48, and 60. Default value: 1.
PeriodUnit	String	No	No	The unit of the subscription duration of the cluster.	This property takes effect when ChargeType is set to PrePaid. Valid values: Week Month (default)
Profile	String	No	No	The identifier that indicates whether the cluster is an ACK edge cluster.	Default value: Edge.
ProxyMode	String	No	No	The kube-proxy mode.	Valid values: iptables (default) ipvs
ResourceGroupId	String	No	Yes	The ID of the resource group to which the cluster belongs.	None.
ServiceCidr	String	No	No	The Service CIDR block.	The Service CIDR block cannot overlap with the VPC CIDR block or container CIDR block. If you use the VPC that is automatically created by the system, 172.19.0.0/20 is used as the Service CIDR block by default.
SnatEntry	Boolean	No	No	Specifies whether to configure SNAT rules for the VPC.	Valid values: true false (default) Note If you use the VPC that is automatically created by the system, you must set this property to true. If you use an existing VPC that is not automatically created by the system, you must specify this property based on whether the VPC can access the Internet.
Tags	List	No	Yes	The tags.	You can add up to 20 tags. For more information, see Tags properties.
TimeoutMins	Number	No	No	The timeout period for the creating the cluster.	Default value: 60. Unit: minutes.
VpcId	String	No	No	The VPC ID.	If you do not specify this property, the system automatically creates a VPC whose CIDR block is 192.168.0.0/16. You must leave the VpcId and VSwitchIds properties empty or specify both the properties.
VSwitchIds	List	No	No	The IDs of the vSwitches.	You can specify one to three vSwitch IDs. You must leave the VpcId and VSwitchIds properties empty or specify both the properties.
WorkerDataDisk	Boolean	No	No	Specifies whether to attach data disks to worker nodes.	Valid values: true false (default)
WorkerDataDiskCategory	String	No	No	The data disk category.	Valid values: cloud_efficiency (default): ultra disk cloud_ssd: standard SSD cloud_essd: Enterprise SSD (ESSD)
WorkerDataDisks	List	No	No	The configurations of the data disks that you want to attach to worker nodes. The configurations include disk categories and disk sizes.	This property takes effect only when you attach data disks to worker nodes. For more information, see WorkerDataDisks properties.
WorkerDataDiskSize	Integer	No	No	The data disk size of the worker nodes.	None.
WorkerInstanceTypes	List	No	No	The instance types of the worker nodes.	None.
WorkerSystemDiskCategory	String	No	No	The system disk category of the worker nodes.	Valid values: cloud_efficiency (default): ultra disk cloud_ssd: standard SSD cloud_essd: ESSD
WorkerSystemDiskSize	Number	No	No	The system disk size of the worker nodes.	Default value: 120. Unit: GiB.
ZoneIds	List	No	No	The zones to which the vSwitches of the worker nodes belong.	None.

Tags syntax

"Tags": [
  {
    "Key": String,
    "Value": String
  }
]

Tags properties

Property	Type	Required	Editable	Description	Constraint
Key	String	Yes	No	The tag key.	The tag key must be 1 to 64 characters in length, and cannot start with `aliyun`, `acs:`, `https://`, or `http://`.
Value	String	No	No	The tag value.	The tag value can be up to 128 characters in length, and cannot start with `aliyun`, `acs:`, `https://`, or `http://`.

WorkerDataDisks syntax

"WorkerDataDisks": [
  {
    "Category": String,
    "Size": Number
  }
]

WorkerDataDisks properties

Property

Type

Required

Editable

Description

Constraint

Addons syntax

"Addons": [
  {
    "Disabled": Boolean,
    "Config": String,
    "Name": String
  }
]

Addons properties

Property	Type	Required	Editable	Description	Constraint
Name	String	Yes	No	The component name.	None.
Config	String	No	No	The configurations of the component.	None.
Disabled	Boolean	No	No	Specifies whether to disable default installation for the component.	Valid values: true false (default)

Return values

Fn::GetAtt

ClusterId: the cluster ID.
TaskId: the task ID. The task ID is automatically assigned by the system and is used to query the status of the task.
WorkerRamRoleName: the name of the Resource Access Management (RAM) role for the worker nodes.
DefaultUserKubeConfig: the default configurations of user credentials for the cluster.
ScalingRuleId: the ID of the scaling rule.
ScalingGroupId: the ID of the scaling group.
PrivateUserKubConfig: the private configurations of user credentials for the cluster.
ScalingConfigurationId: the ID of the scaling configuration.
Nodes: the nodes in the cluster.
APIServerSLBId: the ID of the Server Load Balancer (SLB) instance that is associated with the API server.
IngressSLBId: the ID of the SLB Ingress.

Examples

`YAML` format

ROSTemplateFormatVersion: '2015-09-01'
Description: Test ManagedEdgeKubernetesCluster
Parameters:
  VSwitchZoneId:
    Type: String
    AssociationProperty: ALIYUN::ECS::Instance::ZoneId
    Description: Availability ID for existing switches
    Label: VSwitch Zone ID
  VpcId:
    Type: String
    Default: Null
    AssociationProperty: ALIYUN::ECS::VPC::VPCId
    Description: Please search the ID starts with (vpc-xxx)from console-Virtual Private Cloud
    Label: Existing VPC ID
  VSwitchId:
    Type: String
    Default: Null
    AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
    Description: Please search the business VSwitch ID starts with(vsw-xxx)from console-Virtual Private Cloud-VSwitches
    Label: VSwitch ID
    AssociationPropertyMetadata:
      ZoneId: ${VSwitchZoneId}
      VpcId: ${VpcId}
  ClusterName:
    Type: String
    Default: mytest
  Password:
    Type: String
    Description: Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^*_-+=|{}[]:;,.? Special symbol in).
    MinLength: 8
    Label: Instance Password
    NoEcho: true
    MaxLength: 30
    ConstraintDescription: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^*_-+=|{}[]:;',.?/ Special symbol in).
  NumOfNodes:
    Type: Number
    Default: 1
    MinValue: 0
    MaxValue: 300
  WorkerInstanceType:
    AssociationProperty: ALIYUN::ECS::Instance::InstanceType
    AssociationPropertyMetadata:
      ZoneId: ${VSwitchZoneId}
    Type: String
    Label: Instance Type
  WorkerSystemDiskCategory:
    AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
    AssociationPropertyMetadata:
      ZoneId: ${VSwitchZoneId}
      InstanceType: ${WorkerInstanceType}
    Type: String
    Label: System Disk Type
Resources:
  Cluster:
    Type: ALIYUN::CS::ManagedEdgeKubernetesCluster
    Properties:
      NumOfNodes:
        Ref: NumOfNodes
      Name:
        Ref: ClusterName
      LoginPassword:
        Ref: Password
      VpcId:
        Ref: VpcId
      VSwitchIds:
        - Ref: VSwitchId
      WorkerInstanceTypes:
        - Ref: WorkerInstanceType
      WorkerSystemDiskCategory:
        Ref: WorkerSystemDiskCategory
      ServiceCidr: 172.19.0.0/20
Outputs:
  ClusterId:
    Value:
      Fn::GetAtt:
        - Cluster
        - ClusterId
  TaskId:
    Value:
      Fn::GetAtt:
        - Cluster
        - TaskId

`JSON` format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Test ManagedEdgeKubernetesCluster",
  "Parameters": {
    "VSwitchZoneId": {
      "Type": "String",
      "AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
      "Description": "Availability ID for existing switches",
      "Label": "VSwitch Zone ID"
    },
    "VpcId": {
      "Type": "String",
      "Default": null,
      "AssociationProperty": "ALIYUN::ECS::VPC::VPCId",
      "Description": "Please search the ID starts with (vpc-xxx)from console-Virtual Private Cloud",
      "Label": "Existing VPC ID"
    },
    "VSwitchId": {
      "Type": "String",
      "Default": null,
      "AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
      "Description": "Please search the business VSwitch ID starts with(vsw-xxx)from console-Virtual Private Cloud-VSwitches",
      "Label": "VSwitch ID",
      "AssociationPropertyMetadata": {
        "ZoneId": "${VSwitchZoneId}",
        "VpcId": "${VpcId}"
      }
    },
    "ClusterName": {
      "Type": "String",
      "Default": "mytest"
    },
    "Password": {
      "Type": "String",
      "Description": "Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^*_-+=|{}[]:;,.? Special symbol in).",
      "MinLength": 8,
      "Label": "Instance Password",
      "NoEcho": true,
      "MaxLength": 30,
      "ConstraintDescription": "Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^*_-+=|{}[]:;',.?/ Special symbol in)."
    },
    "NumOfNodes": {
      "Type": "Number",
      "Default": 1,
      "MinValue": 0,
      "MaxValue": 300
    },
    "WorkerInstanceType": {
      "AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
      "AssociationPropertyMetadata": {
        "ZoneId": "${VSwitchZoneId}"
      },
      "Type": "String",
      "Label": "Instance Type"
    },
    "WorkerSystemDiskCategory": {
      "AssociationProperty": "ALIYUN::ECS::Disk::SystemDiskCategory",
      "AssociationPropertyMetadata": {
        "ZoneId": "${VSwitchZoneId}",
        "InstanceType": "${WorkerInstanceType}"
      },
      "Type": "String",
      "Label": "System Disk Type"
    }
  },
  "Resources": {
    "Cluster": {
      "Type": "ALIYUN::CS::ManagedEdgeKubernetesCluster",
      "Properties": {
        "NumOfNodes": {
          "Ref": "NumOfNodes"
        },
        "Name": {
          "Ref": "ClusterName"
        },
        "LoginPassword": {
          "Ref": "Password"
        },
        "VpcId": {
          "Ref": "VpcId"
        },
        "VSwitchIds": [
          {
            "Ref": "VSwitchId"
          }
        ],
        "WorkerInstanceTypes": [
          {
            "Ref": "WorkerInstanceType"
          }
        ],
        "WorkerSystemDiskCategory": {
          "Ref": "WorkerSystemDiskCategory"
        },
        "ServiceCidr": "172.19.0.0/20"
      }
    }
  },
  "Outputs": {
    "ClusterId": {
      "Value": {
        "Fn::GetAtt": [
          "Cluster",
          "ClusterId"
        ]
      }
    },
    "TaskId": {
      "Value": {
        "Fn::GetAtt": [
          "Cluster",
          "TaskId"
        ]
      }
    }
  }
}

Syntax

Properties

Tags syntax

Tags properties

WorkerDataDisks syntax

WorkerDataDisks properties

Addons syntax

Addons properties

Return values

Examples

YAML format

JSON format

`YAML` format

`JSON` format