All Products
Search
Document Center

Elastic Container Instance:CreateVirtualNode

最終更新日:Nov 14, 2024

Creates a VNode to connect self-managed Kubernetes clusters to elastic container instances.

Operation description

  • When you call this operation to create a virtual node, the system automatically creates a service-linked role AliyunServiceRoleForECIVnode. This way, you can use the service-linked role to access relevant cloud services such as Elastic Container Instance, Elastic Compute Service (ECS), and Virtual Private Cloud (VPC). For more information, see Service-linked role for virtual nodes.
  • You are charged for virtual nodes based on number of virtual nodes that you use. Each virtual node has a resident node, which is equivalent to an ECI instance with 2 vCPU cores and 8 GiB memory. You are charged for virtual nodes based on elastic container instances.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
eci:CreateVirtualNodecreate
*VirtualNode
acs:eci:{#regionId}:{#accountId}:virtualnode/*
  • eci:tag
none

Request parameters

ParameterTypeRequiredDescriptionExample
RegionIdstringYes

The region ID of the virtual node.

cn-hangzhou
ZoneIdstringNo

The zone ID of the VNode.

cn-hangzhou-b
SecurityGroupIdstringYes

The ID of the security group. The VNode and the elastic container instances in the VNode are added to the security group.

sg-2ze81zoc3yl7a3we****
VSwitchIdstringYes

The ID of the vSwitch. The vSwitch is connected to the VNode and the elastic container instances in the VNode.

You can specify 1 to 10 vSwitches for a VPC.

vsw-2ze23nqzig8inprou****
VirtualNodeNamestringNo

The name of the VNode. The name must be 2 to 128 characters in length, and can contain lowercase letters, digits, periods (.), and hyphens (-).

testNode
ResourceGroupIdstringNo

The ID of the resource group.

rg-uf66jeqopgqa9hdn****
ClientTokenstringNo

The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must ensure that the value is unique among different requests. The token can only contain ASCII characters and cannot exceed 64 characters in length. For more information, see How to ensure idempotence.

123e4567-e89b-12d3-a456-426655440000
EnablePublicNetworkbooleanNo

Specifies whether to enable Internet access for the VNode. Default value: false.

If the value of this parameter is true, the VNode exposes a public IP address to external services.

false
EipInstanceIdstringNo

The ID of the elastic IP address (EIP).

eip-uf66jeqopgqa9hdn****
KubeConfigstringNo

The KubeConfig of the Kubernetes cluster with which the VNode is connected. The value must be Base64-encoded.

JTVDbmFwaVZlcnNpb24lM0ElMjB2MSU1Q25jbHVzdGVycyUzQSU1Q24tJTIwY2x1c3RlciUzQSU1Q24uLi******
CustomResourcesstringNo

The custom resources that are supported by the virtual node. If a custom resource is specified in the request of an Elastic Container Instance pod, the pod is scheduled to run on the virtual node that supports the custom resource. You can use the Resource name = Number of resources format to specify custom resources. Separate multiple resources with commas (,).

example1.com=100,example2.com=200
ClusterDomainstringNo

The domain name of the cluster. If this parameter is specified, in addition to the search domain of the host, Kubelet configures all containers to search for the specified domain name.

example.com
ClusterDNSstringNo

The IP address of the DNS server. If dnsPolicy=ClusterFirst is configured for the Elastic Container Instance pod, Elastic Container Instance uses the configuration to provide DNS services to containers. You can configure multiple IP addresses. Separate multiple IP addresses with commas (,).

100.1.XX.XX
Tagarray<object>No

The tags to add to the VNode. You can add up to 20 tags.

objectNo

The information about the tag.

KeystringNo

The tag key.

name
ValuestringNo

The tag value.

test
Taintarray<object>No

The taints of the VNode. You can configure up to 20 taints.

objectNo

The information about a taint of the VNode.

KeystringNo

The key of the taint.

testKey
ValuestringNo

The value of the taint.

testValue
EffectstringNo

The effect of the taint. Valid values:

  • NoSchedule: does not schedule pods to run on the VNodes that have the taint.
  • NoExecute: evicts existing pods on the VNodes that have the taint while not scheduling pods to run on the VNodes.
  • PreferNoSchedule: avoids scheduling pods to run on the VNodes that have the taint.
NoSchedule
TlsBootstrapEnabledbooleanNo

Specifies whether to enable TLS bootstrapping. If you set this parameter to true, use the KubeConfig certificate for TLS bootstrapping. Valid values:

  • true
  • false

Default value: false.

false

Response parameters

ParameterTypeDescriptionExample
object
RequestIdstring

The ID of the request.

89164E78-FC82-4684-BE97-DCDD85D26546
VirtualNodeIdstring

The ID of the VNode.

vnd-2ze960zkdqrldeaw****

Examples

Sample success responses

JSONformat

{
  "RequestId": "89164E78-FC82-4684-BE97-DCDD85D26546",
  "VirtualNodeId": "vnd-2ze960zkdqrldeaw****"
}

Error codes

HTTP status codeError codeError messageDescription
400Account.ArrearageYour account has an outstanding payment.Your account has an outstanding payment.
400DryRunOperationRequest validation has been passed with DryRun flag set.Request validation has been passed with DryRun flag set.
400InvalidParameter.CPU.MemoryThe specified cpu and memory are not allowed-
400InvalidParameter.DuplicatedNameThe container group include containers with duplicate names.-
400InvalidParameter.DuplicatedVolumeNameThe container group includes volumes with duplicate names.The container group includes volumes with duplicate names.
400IncorrectStatus%s-
400ServiceNotEnabled%sYou have not activated the service that is required for processing this request.
400ImageSnapshot.IncorrectStatus%sThe status of the specified snapshot is invalid.
400ImageSnapshot.NotSupport%sImage caching based on data disk snapshots is not available for all users. If you want to enable this function, contact us.
400DiskVolume.NotSupportThe disk volume is not supported.Disk volume does not support your structure. If you want to enable this function, contact us.
400RamRole.NotSupportThe RAM role is not supported.The RAM role is not supported.
400DiskNumber.LimitExceedThe maximum number of disks in an instance is exceeded.The maximum number of disks in an instance is exceeded.
400InvalidPaymentMethod.InsufficientBalanceNo payment method is specified for your account. We recommend that you add a payment method or add funds to the prepayment balance.No payment method is specified for your account. We recommend that you add a payment method or add funds to the prepayment balance.
400DiskVolume.NotInSameZoneThe instance to be created and the disk are not in the same zone.The instance to be created and the disk are not in the same zone.
400NoPermissionYou are not authorized to use the "Product on ECI" feature.-
400HighCpuMemConfigRequiredYou need to apply to be added to the whitelist of the specified CPU and memory.You need to apply to be added to the whitelist of the specified CPU and memory.
400RecommendEmpty.InstanceTypeFamilyNotMatchedThe recommended instance type is unavailable in the current zone. Try again later.-
400LocalDiskAmountNotMatchThe number of local volumes does not match the instance type.-
400Payfor.CreditPayInsufficientBalanceYour payment credit line is insufficient.Your payment credit line is insufficient.
400InvalidOperation.KMS.InstanceTypeNotSupportThe specified instance is invalid. Only I/O optimized instances support KMS key.The specified instance is invalid. Only I/O optimized instances support KMS key.
400InvalidParameter.Encrypted.KmsNotEnabledKMS must be enabled for encrypted disks.-
400InvalidParameter.KMS.EncryptedIllegalAfter configuring the parameter KmsKeyId, you must enable encryption.After configuring the parameter KmsKeyId, you must enable encryption.
400Ipv6AddressNotSupportVswIPv6 is not supported in the specified vSwitch.-
400EipAddressPoolIpNotEnoughThe ip address of specified PublicIpAddressPool is not enough.-
400VnodeDedicatedHostIdAlreadyExistDedicatedHostId:%s of Vnode:%s already exists.-
400DedicatedHostQuotaExceededThe quota of DedicatedHost is exceeded.-
403OperationDenied.VswZoneMisMatchThe specified VSwitchId is not in the specified Zone.-
403QuotaExceeded%s quota exceeded.-
403Zone.NotOnSaleThe specified zone is not available for purchase.-
403Forbidden.RiskControlThis operation has been identified as an abnormal operation and cannot be processed.-
403Forbidden.SubUserThe specified action is not available for you.The specified action is not available for you.
403Forbidden.OnlyForInvitedTestEci create action is only open to invited users during public beta.Eci create action is only open to invited users during public beta.
403OperationDenied.SecurityGroupMisMatchThe specified VSwitchId and SecurityGroupId are not in the same VPC.The specified VSwitchId and SecurityGroupId are not in the same VPC.
403InvalidVSwitchId.IpNotEnoughThe specified VSwitch does not have enough IP addresses.-
403Forbidden.UserBussinessStatusThis operation is not allowed, because you have overdue bills. Pay the overdue bill and try again.-
403Forbidden.UserNotRealNameAuthenticationThis operation is not allowed, because you have not passed the real-name verification.-
403InvalidUser.PassRoleForbiddenThe RAM user is not authorized to assume a RAM role.The RAM user is not authorized to assume a RAM role.
403NoPermissionThe RAM role does not belong to ECS.-
403OperationDenied.NoStockSales of this resource are temporarily suspended in the specified zone. We recommend that you use the multi-zone creation function to avoid the risk of insufficient resource. For more information, see https://help.aliyun.com/document_detail/157290.html-
403InvalidParameter.KMS.KeyId.ForbiddenYou are not authorized to access the specified KMSKeyId.You are not authorized to access the specified KMSKeyId.
403NoPermissionThe RAM role AliyunECIContainerGroupRole does not belong to eci.aliyuncs.com. Please check and try again.-
403Forbidden.AccountClosedThe operation is forbidden. Your account has been closed.-
403InvalidOperation.ResourceManagedByCloudProductThe operation is forbidden. The security group has been managed by another cloud product.-
403Spot.NotMatched%s. We recommend that you use the create multi-zone function to avoid insufficient inventory. For more information, see https://help.aliyun.com/document_detail/157290.html-
403SecurityRisk.3DVerificationWe have detected a security risk with your default credit or debit card. Please proceed with verification via the link in your email.-
403CreateServiceLinkedRole.DeniedPlease make sure the account has ram:CreateServiceLinkedRole permission.Please make sure the account has ram:CreateServiceLinkedRole permission.
404ImageSnapshot.NotFoundThe specified snapshot does not exist.-
404InvalidDiskId.NotFoundThe specified disk does not exist.-
404InvalidParameter.KMS.KeyId.NotFoundThe specified KMSKeyId does not exist.The specified KMSKeyId does not exist.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2023-07-03The Error code has changed. The request parameters of the API has changedView Change Details
2023-06-13The Error code has changedView Change Details
2021-09-06Add OperationView Change Details