ALIYUN::ACS::Cluster - Resource Orchestration Service

ALIYUN::ACS::Cluster is used to create an Alibaba Cloud Container Compute Service (ACS) cluster.

Syntax

{
  "Type": "ALIYUN::ACS::Cluster",
  "Properties": {
    "Name": String,
    "Addons": List,
    "ClusterSpec": String,
    "DeletionProtection": Boolean,
    "EndpointPublicAccess": Boolean,
    "IpStack": String,
    "KubernetesVersion": String,
    "LoggingType": String,
    "LoadBalancerSpec": String,
    "MaintenanceWindow": Map,
    "PodVSwitchIds": List,
    "ResourceGroupId": String,
    "ServiceDiscoveryTypes": List,
    "SlsProjectName": String,
    "ServiceCidr": String,
    "SnatEntry": Boolean,
    "TimeZone": String,
    "Tags": List,
    "VSwitchIds": List,
    "VpcId": String,
    "ZoneId": String
  }
}

Properties

Property	Type	Required	Editable	Description	Constraint
Name	String	Yes	No	The cluster name.	The name can contain letters, digits, and en dashes (‒).
Addons	List	No	No	The components that you want to install in the cluster.	For more information, see Addons properties.
ClusterSpec	String	No	No	The type of the managed cluster.	Valid values: ack.pro.small: ACK Pro cluster ack.standard: ACK standard cluster Default value: ack.pro.small.
DeletionProtection	Boolean	No	No	Specifies whether to enable deletion protection for the cluster.	Once you enable deletion protection for the cluster, the cluster cannot be deleted in the ACK console or by calling specific API operations. Valid values: true false Default value: false.
EndpointPublicAccess	Boolean	No	No	Specifies whether to enable the API server over the Internet.	Valid values: true: enables the API server over the Internet. false: does not enable the API server over the Internet. If you use this value, only the API server over a private network can be created. Default value: false.
IpStack	String	No	No	The IP stack of the cluster.	None.
KubernetesVersion	String	No	No	The Kubernetes version of the cluster.	None.
LoggingType	String	No	No	The log entry type of the cluster.	By default, Simple Log Service (SLS) is not used.
LoadBalancerSpec	String	No	No	The specification of the Server Load Balancer (SLB) instance.	Valid values: slb.s1.small slb.s2.small slb.s2.medium slb.s3.small slb.s3.medium slb.s3.large
MaintenanceWindow	Map	No	No	The maintenance window of the cluster.	For more information, see MaintenanceWindow properties.
PodVSwitchIds	List	No	No	The configurations of the pod vSwitches.	You must specify this property when you use the Terway network component in the cluster. Take note of the following items: For each vSwitch assigned to a node, you must specify at least one pod vSwitch that resides in the same zone as the node vSwitch. This way, the pod vSwitch is used to ensure network communication among pods inside the node, and does not interfere with the node vSwitch that is used for cross-node communication or external communication. The pod vSwitch cannot be the same as the node vSwitch. This ensures isolation and hierarchical division in a network architecture and helps improve security and management efficiency for your system. We recommend that you specify a value that is not greater than 19 for the subnet mask length of the CIDR block of the Pod vSwitch.
ResourceGroupId	String	No	Yes	The ID of the resource group.	None.
ServiceDiscoveryTypes	List	No	No	The types of the service discovery feature that is implemented in a serverless Kubernetes (ASK) cluster.	CoreDNS: CoreDNS is a standard service discovery plug-in that is provided by open source Kubernetes. You must deploy a set of containers in the cluster to use the Domain Name System (DNS) resolution feature. By default, two elastic container instances are used. The specifications of each instance are 0.25 vCPUs and 512 MiB of memory. PrivateZone: Alibaba Cloud DNS PrivateZone is a service that is provided by Alibaba Cloud. You must activate Alibaba Cloud DNS PrivateZone before you use it to implement service discovery. By default, the service discovery feature in the ASK cluster is disabled.
SlsProjectName	String	No	No	The name of the SLS project.	If LoggingType is set to SLS and SlsProjectName is left empty, the system creates a new project.
ServiceCidr	String	No	No	The Service CIDR block. The Service CIDR block cannot conflict with the CIDR block that is used by the virtual private cloud (VPC) or the container.	When the VPC is automatically created by the system, 172.19.0.0/20 is used as the Service CIDR block by default.
SnatEntry	Boolean	No	No	Specifies whether to configure SNAT rules for the VPC.	Valid value when the VPC can access the Internet: false. Valid values when the VPC cannot access the Internet: true: configures SNAT rules for the VPC. In this case, the VPC can access the Internet. false: does not configure SNAT rules for the VPC. In this case, the VPC cannot access the Internet. Default value: true.
TimeZone	String	No	No	The time zone of the cluster.	None.
Tags	List	No	Yes	The tags that you want to add to the cluster.	For more information, see Tags properties.
VSwitchIds	List	No	No	The vSwitch IDs.	If you leave this property empty, the system automatically creates a vSwitch. You must specify the VpcId and VSwitchIds properties or leave both the properties empty.
VpcId	String	No	No	The VPC ID.	None.
ZoneId	String	No	No	The zone ID.	None.

Addons syntax

"Addons": [
  {
    "Config": String,
    "Disabled": Boolean,
    "Name": String
  }
]

Addons properties

Property	Type	Required	Editable	Description	Constraint
Name	String	Yes	No	The component name.	None.
Config	String	No	No	The configurations of the component.	If you leave this property empty, no configurations are required.
Disabled	Boolean	No	No	Specifies whether to disable automatic installation of the component.	None.

MaintenanceWindow syntax

"MaintenanceWindow": {
  "MaintenanceTime": String,
  "WeeklyPeriod": String,
  "Enable": Boolean,
  "Duration": String
}

MaintenanceWindow properties

Property	Type	Required	Editable	Description	Constraint
Duration	String	No	No	The duration of the maintenance window.	None.
Enable	Boolean	No	No	Specifies whether to enable the maintenance window.	None.
MaintenanceTime	String	No	No	The start time of the maintenance window.	None.
WeeklyPeriod	String	No	No	The day of a week on which the maintenance window works.	Valid values: Monday Tuesday Wednesday Thursday Friday Saturday Sunday

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags properties

Property	Type	Required	Editable	Description	Constraint
Key	String	Yes	No	The tag key.	None.
Value	String	No	No	The tag value.	None.

Return values

Fn::GetAtt

TaskId: the task ID. The ID is automatically assigned by the system for the task and can be used to query the task status.
ClusterId: the cluster ID.
APIServerSLBId: the ID of the SLB instance that is associated with the API server.
ScalingGroupId: the ID of the scaling group.
IngressSLBId: the ID of the SLB Ingress.
ScalingRuleId: the ID of the scaling rule.
DefaultUserKubeConfig: the default kubeconfig file that is used to configure the cluster credentials.
WorkerRamRoleName: the name of the Resource Access Management (RAM) role for the worker nodes.
ScalingConfigurationId: the ID of the scaling configuration.
PrivateUserKubConfig: the private kubeconfig file that is used to configure the cluster credentials.
Nodes: the nodes in the cluster.

Examples

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Metadata: {}
Parameters: {}
Resources:
  Cluster:
    Type: ALIYUN::ACS::Cluster
    Properties:
      Name: test
      EndpointPublicAccess: false
      ServiceCidr: 172.19.0.0/20
      ClusterSpec: ack.pro.small
      SnatEntry: true
Outputs: {}

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Metadata": {
  },
  "Parameters": {
  },
  "Resources": {
    "Cluster": {
      "Type": "ALIYUN::ACS::Cluster",
      "Properties": {
        "Name": "test",
        "EndpointPublicAccess": false,
        "ServiceCidr": "172.19.0.0/20",
        "ClusterSpec": "ack.pro.small",
        "SnatEntry": true
      }
    }
  },
  "Outputs": {
  }
}