ManagedKubernetesClusterProps
Properties for defining a ManagedKubernetesCluster.
See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-cs-managedkubernetescluster
Initializer
import ros_cdk_cs
ros_cdk_cs.ManagedKubernetesClusterProps(
name: typing.Union[str, IResolvable],
vpc_id: typing.Union[str, IResolvable],
addons: typing.Union[IResolvable, typing.List[typing.Union[IResolvable, AddonsProperty]]] = None,
cloud_monitor_flags: typing.Union[bool, IResolvable] = None,
cluster_spec: typing.Union[str, IResolvable] = None,
container_cidr: typing.Union[str, IResolvable] = None,
control_plane_log_components: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]] = None,
control_plane_log_project: typing.Union[str, IResolvable] = None,
control_plane_log_ttl: typing.Union[typing.Union[int, float], IResolvable] = None,
delete_options: typing.Union[IResolvable, typing.List[typing.Union[IResolvable, DeleteOptionsProperty]]] = None,
deletion_protection: typing.Union[bool, IResolvable] = None,
encryption_provider_key: typing.Union[str, IResolvable] = None,
endpoint_public_access: typing.Union[bool, IResolvable] = None,
format_disk: typing.Union[bool, IResolvable] = None,
is_enterprise_security_group: typing.Union[bool, IResolvable] = None,
keep_instance_name: typing.Union[bool, IResolvable] = None,
key_pair: typing.Union[str, IResolvable] = None,
kubernetes_version: typing.Union[str, IResolvable] = None,
load_balancer_spec: typing.Union[str, IResolvable] = None,
login_password: typing.Union[str, IResolvable] = None,
node_cidr_mask: typing.Union[str, IResolvable] = None,
node_name_mode: typing.Union[str, IResolvable] = None,
node_pools: typing.Union[IResolvable, typing.List[typing.Union[IResolvable, NodePoolsProperty]]] = None,
os_type: typing.Union[str, IResolvable] = None,
platform: typing.Union[str, IResolvable] = None,
pod_vswitch_ids: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]] = None,
proxy_mode: typing.Union[str, IResolvable] = None,
resource_group_id: typing.Union[str, IResolvable] = None,
runtime: typing.Union[IResolvable, RuntimeProperty] = None,
security_group_id: typing.Union[str, IResolvable] = None,
security_hardening_os: typing.Union[bool, IResolvable] = None,
service_cidr: typing.Union[str, IResolvable] = None,
snat_entry: typing.Union[bool, IResolvable] = None,
soc_enabled: typing.Union[bool, IResolvable] = None,
tags: typing.List[TagsProperty] = None,
taint: typing.Union[IResolvable, typing.List[typing.Mapping[typing.Any]]] = None,
timeout_mins: typing.Union[typing.Union[int, float], IResolvable] = None,
user_data: typing.Union[str, IResolvable] = None,
zone_ids: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]] = None
)
Properties
| Name | Type | Description |
|---|---|---|
name |
typing.Union[str, ros_cdk_core.IResolvable] |
Property name: The name of the cluster. |
vpc_id |
typing.Union[str, ros_cdk_core.IResolvable] |
Property vpcId: VPC ID. |
addons |
typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[ros_cdk_core.IResolvable, AddonsProperty]]] |
Property addons: A combination of addon plugins for Kubernetes clusters. |
cloud_monitor_flags |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property cloudMonitorFlags: Whether to install the cloud monitoring plugin: true: indicates installation false: Do not install Default to false. |
cluster_spec |
typing.Union[str, ros_cdk_core.IResolvable] |
Property clusterSpec: The managed cluster spec. |
container_cidr |
typing.Union[str, ros_cdk_core.IResolvable] |
Property containerCidr: The container network segment cannot conflict with the VPC network segment. |
control_plane_log_components |
typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]] |
Property controlPlaneLogComponents: List of target components for which logs need to be collected. |
control_plane_log_project |
typing.Union[str, ros_cdk_core.IResolvable] |
Property controlPlaneLogProject: Control plane log project. |
control_plane_log_ttl |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property controlPlaneLogTtl: Control plane log retention duration (unit: day). |
delete_options |
typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[ros_cdk_core.IResolvable, DeleteOptionsProperty]]] |
Property deleteOptions: Delete options, only work for deleting resource. |
deletion_protection |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property deletionProtection: Specifies whether to enable deletion protection for the cluster. |
encryption_provider_key |
typing.Union[str, ros_cdk_core.IResolvable] |
Property encryptionProviderKey: The ID of the key that is managed by Key Management Service (KMS). |
endpoint_public_access |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property endpointPublicAccess: Whether to enable the public network API Server: true: which means that the public network API Server is open. |
format_disk |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property formatDisk: Specifies whether to mount a data disk to nodes that are created on existing Elastic Compute Service (ECS) instances. |
is_enterprise_security_group |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property isEnterpriseSecurityGroup: Specifies whether to create an advanced security group. |
keep_instance_name |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property keepInstanceName: Specifies whether to retain the names of existing ECS instances that are used in the cluster. |
key_pair |
typing.Union[str, ros_cdk_core.IResolvable] |
Property keyPair: Key pair name. |
kubernetes_version |
typing.Union[str, ros_cdk_core.IResolvable] |
Property kubernetesVersion: The version of the Kubernetes cluster. |
load_balancer_spec |
typing.Union[str, ros_cdk_core.IResolvable] |
Property loadBalancerSpec: The specification of the Server Load Balancer instance. |
login_password |
typing.Union[str, ros_cdk_core.IResolvable] |
Property loginPassword: SSH login password. |
node_cidr_mask |
typing.Union[str, ros_cdk_core.IResolvable] |
Property nodeCidrMask: The maximum number of IP addresses that can be assigned to nodes. |
node_name_mode |
typing.Union[str, ros_cdk_core.IResolvable] |
Property nodeNameMode: A custom node name consists of a prefix, an IP substring, and a suffix. |
node_pools |
typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[ros_cdk_core.IResolvable, NodePoolsProperty]]] |
Property nodePools: The configurations of Node pools. |
os_type |
typing.Union[str, ros_cdk_core.IResolvable] |
Property osType: The type of operating system. |
platform |
typing.Union[str, ros_cdk_core.IResolvable] |
Property platform: The release version of the operating system. |
pod_vswitch_ids |
typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]] |
Property podVswitchIds: The list of pod vSwitches. |
proxy_mode |
typing.Union[str, ros_cdk_core.IResolvable] |
Property proxyMode: kube-proxy proxy mode, supports both iptables and ipvs modes. |
resource_group_id |
typing.Union[str, ros_cdk_core.IResolvable] |
Property resourceGroupId: The ID of resource group. |
runtime |
typing.Union[ros_cdk_core.IResolvable, RuntimeProperty] |
Property runtime: The container runtime of the cluster. |
security_group_id |
typing.Union[str, ros_cdk_core.IResolvable] |
Property securityGroupId: Specifies the ID of the security group to which the cluster ECS instance belongs. |
security_hardening_os |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property securityHardeningOs: Alibaba Cloud OS security hardening. |
service_cidr |
typing.Union[str, ros_cdk_core.IResolvable] |
Property serviceCidr: The service network segment cannot conflict with the VPC network segment and the container network segment. |
snat_entry |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property snatEntry: Whether to configure SNAT for the network. |
soc_enabled |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property socEnabled: Valid values: true: enables reinforcement based on classified protection. |
tags |
typing.List[TagsProperty] |
Property tags: Tag the cluster. |
taint |
typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Mapping[typing.Any]]] |
Property taint: It is used to mark nodes with taints. |
timeout_mins |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property timeoutMins: Cluster resource stack creation timeout, in minutes. |
user_data |
typing.Union[str, ros_cdk_core.IResolvable] |
Property userData: The user-defined data. |
zone_ids |
typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]] |
Property zoneIds: Zone ids of worker node virtual switches belongs to. |
nameRequired
name: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property name: The name of the cluster.
The cluster name can use uppercase and lowercase letters, Chinese characters, numbers, and dashes.
vpc_idRequired
vpc_id: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property vpcId: VPC ID.
addonsOptional
addons: typing.Union[IResolvable, typing.List[typing.Union[IResolvable, AddonsProperty]]]
- Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[ros_cdk_core.IResolvable, AddonsProperty]]]
Property addons: A combination of addon plugins for Kubernetes clusters.
Network plug-in: including Flannel and Terway network plug-ins Log service: Optional. If the log service is not enabled, the cluster audit function cannot be used. Ingress: The installation of the Ingress component is enabled by default.
cloud_monitor_flagsOptional
cloud_monitor_flags: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property cloudMonitorFlags: Whether to install the cloud monitoring plugin: true: indicates installation false: Do not install Default to false.
cluster_specOptional
cluster_spec: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property clusterSpec: The managed cluster spec.
Value: ack.pro.small: Professional hosting cluster, namely: "ACK Pro version cluster". ack.standard: Standard hosting cluster. Default value: ack.standard. The value can be empty. When it is empty, a standard managed cluster will be created.
container_cidrOptional
container_cidr: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property containerCidr: The container network segment cannot conflict with the VPC network segment.
When the system is selected to automatically create a VPC, the network segment 172.16.0.0/16 is used by default.
control_plane_log_componentsOptional
control_plane_log_components: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]]
- Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]]
Property controlPlaneLogComponents: List of target components for which logs need to be collected.
Supports apiserver, kcm, scheduler, ccm and controlplane-events.
control_plane_log_projectOptional
control_plane_log_project: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property controlPlaneLogProject: Control plane log project.
If this field is not set, a log service project named k8s-log-{ClusterID} will be automatically created.
control_plane_log_ttlOptional
control_plane_log_ttl: typing.Union[typing.Union[int, float], IResolvable]
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property controlPlaneLogTtl: Control plane log retention duration (unit: day).
Default 30.
delete_optionsOptional
delete_options: typing.Union[IResolvable, typing.List[typing.Union[IResolvable, DeleteOptionsProperty]]]
- Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[ros_cdk_core.IResolvable, DeleteOptionsProperty]]]
Property deleteOptions: Delete options, only work for deleting resource.
deletion_protectionOptional
deletion_protection: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property deletionProtection: Specifies whether to enable deletion protection for the cluster.
After deletion protection is enabled, the cluster cannot be deleted in the ACK console or by calling API operations. Valid values:true: enables deletion protection for the cluster. false: disables deletion protection for the cluster. Default value: false.
encryption_provider_keyOptional
encryption_provider_key: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property encryptionProviderKey: The ID of the key that is managed by Key Management Service (KMS).
This key is used to encrypt data disks.You can use KMS in only professional managed Kubernetes clusters.
endpoint_public_accessOptional
endpoint_public_access: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property endpointPublicAccess: Whether to enable the public network API Server: true: which means that the public network API Server is open.
false: If set to false, the API server on the public network will not be created, only the API server on the private network will be created.Default to false.
format_diskOptional
format_disk: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property formatDisk: Specifies whether to mount a data disk to nodes that are created on existing Elastic Compute Service (ECS) instances.
Valid values: true: stores the data of containers and images on a data disk. The original data on the disk will be overwritten. Back up data before you mount the disk. false: does not store the data of containers and images on a data disk. Default value: false. How to mount a data disk: If the ECS instances have data disks mounted and the file system of the last data disk is not initialized, the system automatically formats the data disk to ext4. Then, the system mounts the data disk to /var/lib/docker and /var/lib/kubelet. The system does not create or mount a new data disk if no data disk has been mounted to the ECS instances.
is_enterprise_security_groupOptional
is_enterprise_security_group: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property isEnterpriseSecurityGroup: Specifies whether to create an advanced security group.
This parameter takes effect only if security_group_id is left empty. Note You must specify an advanced security group for a cluster that has Terway installed. true: creates an advanced security group. false: does not create an advanced security group. Default value: false.
keep_instance_nameOptional
keep_instance_name: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property keepInstanceName: Specifies whether to retain the names of existing ECS instances that are used in the cluster.
true: retains the names. false: does not retain the names. The new names are assigned by the system. Default value: true.
key_pairOptional
key_pair: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property keyPair: Key pair name.
Specify one of KeyPair or LoginPassword.
kubernetes_versionOptional
kubernetes_version: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property kubernetesVersion: The version of the Kubernetes cluster.
load_balancer_specOptional
load_balancer_spec: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property loadBalancerSpec: The specification of the Server Load Balancer instance.
Allowed value: slb.s1.small|slb.s2.small|slb.s2.medium|slb.s3.small|slb.s3.medium|slb.s3.large
login_passwordOptional
login_password: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property loginPassword: SSH login password.
Password rules are 8-30 characters and contain three items (upper and lower case letters, numbers, and special symbols). Specify one of KeyPair or LoginPassword.
node_cidr_maskOptional
node_cidr_mask: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property nodeCidrMask: The maximum number of IP addresses that can be assigned to nodes.
This number is determined by the specified pod CIDR block. This parameter takes effect only if the cluster uses the Flannel plug-in.Default value: 25.
node_name_modeOptional
node_name_mode: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property nodeNameMode: A custom node name consists of a prefix, an IP substring, and a suffix.
The format iscustomized,{prefix},{ip_substring},{suffix}, for example: customized,aliyun.com,5,test.
- The prefix and suffix can contain one or more parts that are separated by periods (.). Each part can contain lowercase letters, digits, and hyphens (-). The node name must start and end with a lowercase letter or digit.
- The IP substring length specifies the number of digits to be truncated from the end of the node IP address. Valid values: 5 to 12. For example, if the node IP address is 192.168.0.55, the prefix is aliyun.com, the IP substring length is 5, and the suffix is test, the node name will be aliyun.com00055test.
node_poolsOptional
node_pools: typing.Union[IResolvable, typing.List[typing.Union[IResolvable, NodePoolsProperty]]]
- Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[ros_cdk_core.IResolvable, NodePoolsProperty]]]
Property nodePools: The configurations of Node pools.
os_typeOptional
os_type: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property osType: The type of operating system.
Valid values: Windows Linux Default value: Linux.
platformOptional
platform: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property platform: The release version of the operating system.
Valid values: CentOS AliyunLinux QbootAliyunLinux Qboot Windows WindowsCore Default value: CentOS.
pod_vswitch_idsOptional
pod_vswitch_ids: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]]
- Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]]
Property podVswitchIds: The list of pod vSwitches.
For each vSwitch that is allocated to nodes, you must specify at least one pod vSwitch in the same zone. The pod vSwitches cannot be the same as the node vSwitches. We recommend that you set the mask length of the CIDR block to a value no greater than 19 for the pod vSwitches. The pod_vswitch_ids parameter is required when the Terway network plug-in is selected for the cluster.
proxy_modeOptional
proxy_mode: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property proxyMode: kube-proxy proxy mode, supports both iptables and ipvs modes.
The default is iptables.
resource_group_idOptional
resource_group_id: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property resourceGroupId: The ID of resource group.
runtimeOptional
runtime: typing.Union[IResolvable, RuntimeProperty]
- Type: typing.Union[ros_cdk_core.IResolvable, RuntimeProperty]
Property runtime: The container runtime of the cluster.
The default runtime is Docker.
security_group_idOptional
security_group_id: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property securityGroupId: Specifies the ID of the security group to which the cluster ECS instance belongs.
security_hardening_osOptional
security_hardening_os: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property securityHardeningOs: Alibaba Cloud OS security hardening.
Value: true: enables security hardening OS. false: disables security hardening OS. Default value: false.
service_cidrOptional
service_cidr: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property serviceCidr: The service network segment cannot conflict with the VPC network segment and the container network segment.
When the system is selected to automatically create a VPC, the network segment 172.19.0.0/20 is used by default.
snat_entryOptional
snat_entry: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property snatEntry: Whether to configure SNAT for the network.
When a VPC can access the public network environment, set it to false. When an existing VPC cannot access the public network environment: When set to True, SNAT is configured and the public network environment can be accessed at this time. If set to false, it means that SNAT is not configured and the public network environment cannot be accessed at this time. Default to true.
soc_enabledOptional
soc_enabled: typing.Union[bool, IResolvable]
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property socEnabled: Valid values: true: enables reinforcement based on classified protection.
false: disables reinforcement based on classified protection. Default value: false.
tagsOptional
tags: typing.List[TagsProperty]
- Type: typing.List[TagsProperty]
Property tags: Tag the cluster.
taintOptional
taint: typing.Union[IResolvable, typing.List[typing.Mapping[typing.Any]]]
- Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Mapping[typing.Any]]]
Property taint: It is used to mark nodes with taints.
It is usually used for the scheduling strategy of Pods. The corresponding concept is: tolerance. If there is a corresponding tolerance mark on the Pods, the stain on the node can be tolerated and scheduled to the node.
timeout_minsOptional
timeout_mins: typing.Union[typing.Union[int, float], IResolvable]
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property timeoutMins: Cluster resource stack creation timeout, in minutes.
The default value is 60.
user_dataOptional
user_data: typing.Union[str, IResolvable]
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property userData: The user-defined data.
[1, 16KB] characters.User data should not be base64 encoded. If you want to pass base64 encoded string to the property, use function Fn::Base64Decode to decode the base64 string first.
zone_idsOptional
zone_ids: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]]
- Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]]
Property zoneIds: Zone ids of worker node virtual switches belongs to.