ALIYUN::CS::ManagedKubernetesCluster类型用于创建Kubernetes托管版集群。
语法
{
"Type": "ALIYUN::CS::ManagedKubernetesCluster",
"Properties": {
"CloudMonitorFlags": Boolean,
"ProxyMode": String,
"SnatEntry": Boolean,
"VpcId": String,
"Tags": List,
"LoginPassword": String,
"ContainerCidr": String,
"Name": String,
"Taint": List,
"KeyPair": String,
"Addons": List,
"ServiceCidr": String,
"KubernetesVersion": String,
"SecurityGroupId": String,
"EndpointPublicAccess": Boolean,
"RrsaConfig": Map,
"ClusterSpec": String,
"TimeoutMins": Number,
"PodVswitchIds": List,
"EncryptionProviderKey": String,
"Runtime": Map,
"SocEnabled": Boolean,
"UserData": String,
"OsType": String,
"IsEnterpriseSecurityGroup": Boolean,
"Platform": String,
"LoadBalancerSpec": String,
"FormatDisk": Boolean,
"NodeCidrMask": String,
"KeepInstanceName": Boolean,
"DeletionProtection": Boolean,
"ResourceGroupId": String,
"NodePools": List,
"NodeNameMode": String,
"SecurityHardeningOs": Boolean,
"DeleteOptions": List,
"ControlPlaneLogComponents": List,
"ControlPlaneLogTtl": Number,
"ControlPlaneLogProject": String,
"MaintenanceWindow": Map,
"ZoneIds": List,
"VSwitchIds": List,
"TimeZone": String,
"IpStack": String
}
}属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Name | String | 是 | 否 | 集群名称。 | 长度为1~63个字符。可包含英文字母、汉字、数字和短划线(-)。 |
VpcId | String | 是 | 否 | 专有网络ID。 | 如果不设置,系统会自动创建专有网络,系统创建的专有网络网段为192.168.0.0/16。
|
Addons | List | 否 | 是 | Kubernetes集群的Addon插件的组合。 | 取值:
更多信息,请参见Addons属性。 |
SecurityHardeningOs | Boolean | 否 | 否 | 阿里云操作系统安全加固。 | 取值:
默认值:false。 |
CloudMonitorFlags | Boolean | 否 | 否 | 是否安装云监控插件。 | 取值:
|
ClusterSpec | String | 否 | 否 | 托管版集群类型。 | 取值:
|
ContainerCidr | String | 否 | 否 | 容器网段。 | 不能和专有网络网段冲突。当选择系统自动创建专有网络时,默认使用172.16.0.0/16网段。 |
DeletionProtection | Boolean | 否 | 是 | 是否启用删除保护功能。 | 启用删除保护后,集群不能被直接删除。取值:
|
EncryptionProviderKey | String | 否 | 否 | 由密钥管理服务KMS管理的密钥ID。 | 该密钥用于加密数据磁盘。您只能在专业托管的Kubernetes集群中使用KMS。 |
EndpointPublicAccess | Boolean | 否 | 否 | 是否开启公网APIServer。 | 取值:
|
FormatDisk | Boolean | 否 | 否 | 是否将数据磁盘挂载到已创建的节点上,在已有的ECS实例中创建。 | 取值:
|
RrsaConfig | Map | 否 | 否 | RRSA 的配置。 | 更多信息,请参考RrsaConfig属性。 |
IsEnterpriseSecurityGroup | Boolean | 否 | 否 | 是否创建高级安全组。 | 当SecurityGroupId为空时,该参数生效。 取值:
|
KeepInstanceName | Boolean | 否 | 否 | 指定是否保留集群中使用的现有ECS实例的名称。 | 取值:
|
KeyPair | String | 否 | 否 | 密钥对名称。 | KeyPair和LoginPassword只能指定其中一个参数。 |
KubernetesVersion | String | 否 | 是 | 集群版本,与Kubernetes社区基线版本保持一致。建议选择最新版本。 | 目前您可以创建两种最新版本的集群。关于ACK支持的Kubernetes版本,请参见Kubernetes版本发布概览。 |
LoadBalancerSpec | String | 否 | 否 | 负载均衡实例规格。 | 取值:
|
LoginPassword | String | 否 | 否 | SSH登录密码。 | 长度为8~30个字符,必须同时包含英文字母、数字和特殊字符三项,特殊字符支持 说明 LoginPassword和KeyPair只能指定其中一个参数。 |
NodeCidrMask | String | 否 | 否 | 可分配给节点的最大IP地址数量。 | 数量由指定的pod CIDR决定。该参数仅在集群使用Flannel插件时生效。 默认值:25。 |
NodeNameMode | String | 否 | 否 | 自定义节点名。 | 节点名称由三部分组成:前缀+节点IP地址子串+后缀。
例如,节点IP地址为:192.168.XX.XX,指定前缀为 |
NodePools | List | 否 | 否 | 节点池信息。 | 更多信息,请参见NodePools属性。 |
OsType | String | 否 | 否 | 操作系统类型。 | 取值:
|
Platform | String | 否 | 否 | 操作系统发布版本。 | 取值:
|
PodVswitchIds | List | 否 | 否 | Pod交换机列表。 | 您需要为每一个节点交换机指定至少一个相同可用区的Pod交换机,该Pod交换机不能跟节点交换机重复。 建议您选择网段掩码不大于19的交换机。 说明 当集群列表(Addons)取值为网络组件,且采用Terway网络类型时,必须为集群指定PodVswitchIds。 |
ProxyMode | String | 否 | 否 | kube-proxy代理模式。 | 取值:
|
ResourceGroupId | String | 否 | 是 | 集群所属资源组ID。 | 无 |
Runtime | Map | 否 | 否 | 容器运行时。 | Runtime包括以下2个信息:
示例: 关于容器运行时的选择,请参见containerd、安全沙箱、Docker运行时的对比。 更多信息,请参见Runtime属性。 |
SecurityGroupId | String | 否 | 否 | 集群ECS实例所属安全组ID。 | 无 |
ServiceCidr | String | 否 | 否 | 服务网段。 | 不能和专有网络网段以及容器网段冲突。当选择系统自动创建专有网络时,默认使用172.19.0.0/20网段。 |
SnatEntry | Boolean | 否 | 否 | 是否为网络配置SNAT。 | 取值:
|
SocEnabled | Boolean | 否 | 否 | 是否启用基于分级保护的加固。 | 取值:
|
Tags | List | 否 | 是 | 集群标签。 | 最多可以设置20组标签。 更多信息,请参见Tags属性。 |
Taint | List | 否 | 否 | 给节点做污点标记,通常用于Pods的调度策略。 | 若Pods上有相对应的容忍(tolerance)标记,则可以将容忍节点上的污点调度到该节点。 |
TimeoutMins | Number | 否 | 否 | 集群创建超时时间。 | 默认值:60。 单位:分钟。 |
UserData | String | 否 | 否 | 创建ECS实例时传递的用户数据。 | 内容需要限制在16 KB以内。无需使用Base64转码,特殊字符需要使用转义符。 |
DeleteOptions | List | 否 | 是 | 集群关联资源的删除选项。 | 更多信息,请参见DeleteOptions属性。 |
ControlPlaneLogTtl | Number | 否 | 是 | 控制平面组件日志保存天数。 | 无 |
ControlPlaneLogComponents | List | 否 | 是 | 组件名称列表。 | 指定那些控制平面的组件日志需要被收集。 默认采集 apiserver、kcm、scheduler 组件的日志。 |
ControlPlaneLogProject | String | 否 | 是 | 控制平面组件日志服务 Project。 | 可以使用已有 Project 用于日志存储,也可以使用系统自动创建 Project 用户日志存储。如果选择自动创建日志服务 Project,将会自动创建一个名称为 |
MaintenanceWindow | Map | 否 | 是 | 集群维护窗口配置。 | 更多信息,请参见MaintenanceWindow属性。 |
VSwitchIds | List | 是 | 否 | Worker node绑定的交换机。 | 无 |
ZoneIds | List | 否 | 否 | 可用区列表。 | 无 |
TimeZone | String | 否 | 否 | 集群的时区。 | 无 |
IpStack | String | 否 | 否 | 集群的IP协议栈。 | 取值:
|
NodePools语法
"NodePools": [
{
"ScalingGroup": Map,
"KubernetesConfig": Map,
"NodePoolInfo": Map
}
]NodePools属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
ScalingGroup | Map | 是 | 否 | 节点池扩容组配置。 | 更多信息,请参见ScalingGroup属性。 |
KubernetesConfig | Map | 否 | 否 | 集群相关配置。 | 更多信息,请参见KubernetesConfig属性。 |
NodePoolInfo | Map | 否 | 否 | 节点池配置。 | 更多信息,请参见NodePoolInfo属性。 |
ScalingGroup语法
"ScalingGroup": {
"InstancePatterns": List,
"SocEnabled": Boolean,
"ImageType": String,
"SecurityHardeningOs": Boolean,
"RdsInstances": List,
"IsEnterpriseSecurityGroup": Boolean,
"VSwitchIds": List,
"InternetMaxBandwidthOut": Integer,
"DataDisks": List,
"Period": Integer,
"InternetChargeType": String,
"KeyPair": String,
"SystemDiskPerformanceLevel": String,
"ImageId": String,
"InstanceTypes": List,
"SystemDiskCategory": String,
"PeriodUnit": String,
"LoginPassword": String,
"InstanceChargeType": String,
"SystemDiskSize": Integer,
"Tags": List,
"ZoneIds": List,
"DesiredSize": Integer
}ScalingGroup属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
InstanceTypes | List | 否 | 否 | 实例规格。 | 无 |
SystemDiskSize | Integer | 是 | 否 | 节点系统盘大小。 | 单位:GiB。 取值范围:40~500。 |
VSwitchIds | List | 否 | 否 | 虚拟交换机ID列表。 | 无 |
SocEnabled | Boolean | 否 | 否 | 是否启用基于分级保护的加固。 | 取值:
|
ImageType | String | 否 | 否 | 操作系统镜像类型。 | 无 |
InstancePatterns | List | 否 | 否 | 实例属性配置。 | 更多信息,请参考InstancePatterns属性。 |
SecurityHardeningOs | Boolean | 否 | 否 | 阿里云 OS 安全加固。 | 取值:
默认值: |
DesiredSize | Integer | 否 | 否 | 节点池期望节点数。 | 无 |
DataDisks | List | 否 | 否 | 节点池节点数据盘配置。 | 更多信息,请参见DataDisks属性。 |
ImageId | String | 否 | 否 | 自定义镜像ID。 | 默认使用系统提供的镜像。 |
InstanceChargeType | String | 否 | 否 | 节点池节点付费类型。 | 取值:
|
InternetChargeType | String | 否 | 否 | 公网IP收费类型。 | 取值:
|
InternetMaxBandwidthOut | Integer | 否 | 否 | 节点公网IP出带宽最大值。 | 单位:Mbps。 取值范围:1~100。 |
IsEnterpriseSecurityGroup | Boolean | 否 | 否 | 自动创建企业级安全组。 | 取值:
|
KeyPair | String | 否 | 否 | 免密登录密钥对名称。 | KeyPair和LoginPassword属性二选一。 |
LoginPassword | String | 否 | 否 | SSH登录密码。 | KeyPair和LoginPassword只能选择其中之一。 密码规则为8~30个字符,且至少同时包含大小写字母、数字和特殊符号。 |
Period | Integer | 否 | 否 | 节点池节点包年包月时长。 | 当InstanceChargeType取值为PrePaid时,本属性才生效且为必选值。 当period_unit取值为Month时,period取值范围:{ 1, 2, 3, 6, 12}。 默认值:1。 |
PeriodUnit | String | 否 | 否 | 节点池节点付费周期。 | 当InstanceChargeType指定为PrePaid时需要指定周期。 Month:以月为计时单位。 |
RdsInstances | List | 否 | 否 | RDS实例ID。 | 无 |
SystemDiskCategory | String | 否 | 否 | 节点系统盘类型。 | 取值:
|
SystemDiskPerformanceLevel | String | 否 | 否 | 节点系统盘磁盘性能。 | 只对ESSD磁盘生效。 |
Tags | List | 否 | 否 | 仅为ECS实例添加标签。 | 更多信息,请参见Tags属性。 |
ZoneIds | List | 否 | 否 | 可用区列表。 | 无 |
DataDisks语法
"DataDisks": [
{
"AutoSnapshotPolicyId": String,
"Encrypted": Boolean,
"Size": Integer,
"Category": String,
"PerformanceLevel": String,
"Categories": List
}
]DataDisks属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
AutoSnapshotPolicyId | String | 否 | 否 | 选择自动快照策略ID。 | 云盘会按照快照策略自动备份。 |
Category | String | 否 | 否 | 数据盘类型。 | 取值:
|
Encrypted | Boolean | 否 | 否 | 是否对数据盘加密。 | 取值:
|
PerformanceLevel | String | 否 | 否 | 节点数据盘磁盘性能等级。 | 仅对ESSD磁盘生效,磁盘性能等级和磁盘大小有关。 更多信息,请参见ESSD云盘。 |
Size | Integer | 否 | 否 | 数据盘大小。 | 单位为GiB。 取值范围:40~32768。 默认值:120。 |
Categories | List | 否 | 否 | 数据磁盘类型的列表。 | 无 |
KubernetesConfig语法
"KubernetesConfig": {
"Runtime": String,
"RuntimeVersion": String,
"CpuPolicy": String,
"Labels": List,
"NodeNameMode": String,
"Taints": List
}KubernetesConfig属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Runtime | String | 是 | 否 | 容器运行时。 | 无 |
RuntimeVersion | String | 是 | 否 | 容器运行时版本。 | 无 |
CpuPolicy | String | 否 | 否 | 节点CPU管理策略。 | 当集群版本在1.12.6及以上时支持以下两种策略:
|
Labels | List | 否 | 否 | 节点标签。 | 为Kubernetes集群节点添加标签。 更多信息,请参见Labels属性。 |
NodeNameMode | String | 否 | 否 | 自定义节点名。 | 节点名称由三部分组成:前缀+节点IP地址子串+后缀。
例如,节点IP地址为:192.168.XX.XX,指定前缀为 |
Taints | List | 否 | 否 | 污点配置。 | 更多信息,请参见Taints属性。 |
RrsaConfig语法
"RrsaConfig":
{
"Enabled": Boolean
}RrsaConfig属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Enabled | Boolean | 是 | 否 | 是否启用服务账户的 RAM 角色(RRSA)功能。 | 取值:
|
InstancePatterns语法
"InstancePatterns": [
{
"CpuArchitectures": List,
"MaxCpuCores": Integer,
"MinMemorySize": Integer,
"Memory": Integer,
"InstanceFamilyLevel": String,
"MinCpuCores": Integer,
"Cores": Integer,
"InstanceTypeFamilies": List,
"InstanceCategories": List,
"ExcludedInstanceTypes": List,
"MaxMemorySize": Integer
}
]InstancePatterns属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
CpuArchitectures | List | 否 | 否 | 实例的 CPU 架构。 | 取值:
|
MaxCpuCores | Integer | 否 | 否 | 实例规格的最大 vCPU 内核数目 | 无 |
MinMemorySize | Integer | 否 | 否 | 实例规格的最小内存。 | 单位:GiB。 |
Memory | Integer | 否 | 否 | 实例规格的内存大小。 | 单位为 GiB。 |
InstanceFamilyLevel | String | 否 | 否 | 实例规格族级别。 | 无 |
MinCpuCores | Integer | 否 | 否 | 实例规格的最小 vCPU 内核数目。 | 无 |
Cores | Integer | 否 | 否 | 实例规格的 vCPU 内核数目。 | 无 |
InstanceTypeFamilies | List | 否 | 否 | 指定实例规格族。 | 无 |
InstanceCategories | List | 否 | 否 | 实例分类。 | 无 |
ExcludedInstanceTypes | List | 否 | 否 | 需要排除的实例规格。 | 无 |
MaxMemorySize | Integer | 否 | 否 | 实例规格的最大内存。 | 单位:GiB。 |
Labels语法
"Labels": {
"Value": String,
"Key": String
}Labels属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Key | String | 是 | 否 | 标签键。 | 无 |
Value | String | 是 | 否 | 标签值。 | 无 |
Taints语法
"Taints": [{
"Value": String,
"Effect": String,
"Key": String
}]Taints属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Key | String | 是 | 否 | 污点名称。 | 无 |
Value | String | 是 | 否 | 污点值。 | 无 |
Effect | String | 否 | 否 | 调度策略。 |
|
NodePoolInfo语法
"NodePoolInfo": {
"Name": String,
"Type": String,
"ResourceGroupId": String
}NodePoolInfo属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
ResourceGroupId | String | 否 | 是 | 节点池所属资源组。 | 无 |
Name | String | 是 | 否 | 节点池名称。 | 无 |
Type | String | 否 | 否 | 节点池类型 | 取值:
|
MaintenanceWindow语法
"MaintenanceWindow": {
"Enable": Boolean,
"MaintenanceTime": String,
"Duration": String,
"WeeklyPeriod": String,
"Recurrence": String
}MaintenanceWindow属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Duration | String | 否 | 是 | 维护时长。 | 取值范围[1,24],单位为小时。 默认值:3h。 |
Enable | Boolean | 否 | 是 | 是否开启维护窗口。 | 取值:
默认值: |
MaintenanceTime | String | 否 | 是 | 维护起始时间。 | RFC3339 标准格式。 |
WeeklyPeriod | String | 否 | 是 | 维护周期。 | 多个值用英文半角逗号(,)分隔。取值:{Monday,Tuesday,Wednesday,Thursday,Friday,Saturday,Sunday} 默认值: |
Recurrence | String | 否 | 是 | 使用 RFC5545 Recurrence Rule 语法定义的维护窗口循环规则。 | 目前仅支持 FREQ=WEEKLY,且不支持指定 COUNT 或 UNTIL。 |
Tags语法
"Tags": [
{
"Key": String,
"Value": String
}
]Tags属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Key | String | 是 | 否 | 标签键。 | 长度为1~64个字符,不能以 |
Value | String | 是 | 否 | 标签值。 | 长度为0~128个字符,不能以 |
Addons语法
"Addons": [
{
"Version": String,
"Config": String,
"Name": String,
"Disabled": Boolean
}
]Addons属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Name | String | 是 | 否 | Addon插件名称。 | 无 |
Config | String | 否 | 是 | Addon插件配置。 | 无 |
Disabled | Boolean | 否 | 否 | 是否禁用默认安装。 | 取值:
|
Version | String | 否 | 否 | Addon插件版本。 | 默认取最新版本。 |
DeleteOptions语法
"DeleteOptions": [
{
"DeleteMode": String,
"ResourceType": String
}
]DeleteOptions属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
DeleteMode | String | 否 | 是 | 该类型资源的删除策略。 | 可取值:
|
ResourceType | String | 否 | 是 | 资源类型。 | 可取值:
|
Runtime语法
"Runtime": {
"Name": String,
"Version": String
}Runtime属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Name | String | 是 | 否 | 容器运行时名称。 | ACK 支持以下三种容器运行时。
默认值: |
Version | String | 否 | 否 | 容器运行时版本。 | 默认为最新版。 关于安全沙箱运行时的变更详情,请参见安全沙箱运行时发布记录。 |
返回值
Fn::GetAtt
ClusterId:集群ID。
TaskId:任务ID。系统自动分配,用户查询任务状态。
DefaultUserKubeConfig:用户配置集群凭据的默认Kubernetes配置。
ScalingRuleId:伸缩规则ID。
ScalingGroupId:伸缩组ID。
PrivateUserKubConfig:用户配置集群凭据的专有Kubernetes配置。
ScalingConfigurationId:伸缩配置ID。
Nodes:集群节点列表。
APIServerSLBId:API服务器负载均衡ID。
IngressSLBId:Ingress负载均衡ID。
WorkerRamRoleName:Worker RAM角色名称。
示例
场景 1 :创建Kubernetes托管版集群。
ROSTemplateFormatVersion: '2015-09-01'
Description: Test Create ManagedKubernetesCluster
Parameters: {}
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
VpcName: mytest
CidrBlock: 192.168.0.0/16
VSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
VSwitchName: mytest
VpcId:
Ref: Vpc
ZoneId:
Fn::Select:
- '0'
- Fn::GetAZs:
Ref: ALIYUN::Region
CidrBlock: 192.168.1.0/24
ManagedKubernetesCluster:
Type: ALIYUN::CS::ManagedKubernetesCluster
Properties:
VSwitchIds:
- Ref: VSwitch
VpcId:
Ref: Vpc
ClusterSpec: ack.pro.small
LoginPassword: Admin@123!
Name: mytest
Outputs:
ClusterId:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- ClusterId
TaskId:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- TaskId {
"ROSTemplateFormatVersion": "2015-09-01",
"Description": "Test Create ManagedKubernetesCluster",
"Parameters": {
},
"Resources": {
"Vpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"VpcName": "mytest",
"CidrBlock": "192.168.0.0/16"
}
},
"VSwitch": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": "mytest",
"VpcId": {
"Ref": "Vpc"
},
"ZoneId": {
"Fn::Select": [
"0",
{
"Fn::GetAZs": {
"Ref": "ALIYUN::Region"
}
}
]
},
"CidrBlock": "192.168.1.0/24"
}
},
"ManagedKubernetesCluster": {
"Type": "ALIYUN::CS::ManagedKubernetesCluster",
"Properties": {
"VSwitchIds": [
{
"Ref": "VSwitch"
}
],
"VpcId": {
"Ref": "Vpc"
},
"ClusterSpec": "ack.pro.small",
"LoginPassword": "Admin@123!",
"Name": "mytest"
}
}
},
"Outputs": {
"ClusterId": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"ClusterId"
]
}
},
"TaskId": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"TaskId"
]
}
}
}
}场景 2 :创建Kubernetes专有版集群(已VPC)。
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: 在现有VPC、交换机和安全组上,配置付费方式,创建Kubernetes集群,含Worker节点、网络设置与监控插件。
en: Configure billing methods on the existing VPC, switches, and security groups, then proceed to create a Kubernetes cluster inclusive of worker nodes, network configurations, and monitoring plugins.
Parameters:
PayType:
Type: String
Label:
en: ECS Instance Charge Type
zh-cn: 付费类型
AssociationProperty: ChargeType
AssociationPropertyMetadata:
LocaleKey: InstanceChargeType
Default: PostPaid
AllowedValues:
- PostPaid
- PrePaid
PayPeriodUnit:
Type: String
Label:
en: Pay Period Unit
zh-cn: 购买资源时长周期
AssociationProperty: PayPeriodUnit
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Not:
Fn::Equals:
- ${PayType}
- PostPaid
Default: Month
AllowedValues:
- Month
- Year
PayPeriod:
Type: Number
Label:
en: Period
zh-cn: 购买资源时长
AssociationProperty: PayPeriod
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Not:
Fn::Equals:
- ${PayType}
- PostPaid
Default: 1
AllowedValues:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
VpcId:
Type: String
Label:
en: VPC ID
zh-cn: 专有网络VPC实例ID
AssociationProperty: ALIYUN::ECS::VPC::VPCId
ZoneId:
Type: String
Label:
en: Zone ID
zh-cn: 可用区
AssociationProperty: ALIYUN::ECS::Instance:ZoneId
VSwitchId:
Type: String
Label:
en: VSwitch ID
zh-cn: 交换机实例ID
AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
AssociationPropertyMetadata:
VpcId: ${VpcId}
ZoneId: ${ZoneId}
SecurityGroupId:
Type: String
Label:
en: Business Security Group ID
zh-cn: 业务安全组ID
AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
AssociationPropertyMetadata:
VpcId: ${VpcId}
NumOfNodes:
Type: Number
Label:
zh-cn: Worker节点数
en: Number of Worker instances
Default: 3
PodCidr:
Type: String
Label:
zh-cn: Pod 网络 CIDR
en: Pod Network CIDR
Description:
zh-cn: 请填写有效的私有网段,即以下网段及其子网:10.0.0.0/8,172.16-31.0.0/12-16,192.168.0.0/16<br>不能与 VPC 及 VPC 内已有 Kubernetes 集群使用的网段重复。<font color='blue'><b>创建成功后不能修改</b></font>
en: 'Please fill in a valid private segment, i.e. the following segments and their subnets: 10.0.0.0/8, 172.16-31.0.0/12-16, 192.168.0.0/16<br> which cannot duplicate the network segments already used by clusters in VPC and VPC Kunetberes. <font color=''blue''><b>Cannot be modified after successful creation</b></font>'
AssociationProperty: ALIYUN::CS::ManagedKubernetesCluster::PodCidr
Default: 172.20.0.0/16
ServiceCidr:
Type: String
Label:
zh-cn: Service CIDR
en: Service CIDR
Description:
zh-cn: 可选范围:10.0.0.0/16-24,172.16-31.0.0/16-24,192.168.0.0/16-24<br>不能与 VPC 及 VPC 内已有 Kubernetes 集群使用的网段重复。<font color='blue'><b>创建成功后不能修改</b></font>
en: 'Optional range: 10.0.0.0/16-24, 172.16-31.0.0/16-24, 192.168.0.0/16-24<br> cannot duplicate segments already used by existing Kubernetes clusters in VPC and VPC.<font color=''blue''><b>Cannot be modified after successful creation</b></font>'
AssociationProperty: ALIYUN::CS::ManagedKubernetesCluster::ServiceCidr
Default: 172.21.0.0/20
SnatEntry:
Type: Boolean
Label:
zh-cn: 配置SNAT
en: Configure SNAT
Description:
zh-cn: 为专有网络配置 SNAT<br>若您集群内的节点、应用等需要访问公网,勾选该项后我们将为您创建 NAT 网关并自动配置 SNAT 规则。<b><a href='https://help.aliyun.com/document_detail/48126.html' target='_blank'><font color='blue'>NAT 网关收费详情</font></a></b>
en: Configure SNAT for a proprietary network<br>If nodes, apps, etc. in your cluster need access to the public network, check this item and we'll create a NAT gateway for you and automatically configure the SNAT rules.<b><a href='https://www.alibabacloud.com/help/en/doc-detail/48126.html' target='_blank'><font color='blue'>NAT gateway charge details</font></a></b>
Default: true
EndpointPublicAccess:
Type: Boolean
Label:
en: Public Access
zh-cn: 公网访问
Description:
en: Using the EIP Exposure API Server <br> creates an intranet SLB instance for API Server by default, and removing the instance will make API Server innible<br><br><font color='blue'><b>choose not to be open, you cannot access cluster API Server over an extranet</b><front>
zh-cn: 使用 EIP 暴露 API Server<br>默认将为 API Server 创建一个内网 SLB 实例,若删除该实例会导致 API Server 无法访问<br><font color='blue'><b>选择不开放时,则无法通过外网访问集群 API Server</b><front>
Default: false
CloudMonitorFlag:
Type: Boolean
Label:
zh-cn: 监控插件
en: Monitor Plug-in
Description:
zh-cn: 在 ECS 节点上安装云监控插件
en: Install the cloud monitoring plug-in on the ECS node .
Default: true
WorkerInstanceTypes:
Type: CommaDelimitedList
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
AssociationPropertyMetadata:
InstanceChargeType: ${PayPeriod}
ZoneId: ${ZoneId}
Label:
en: Instance Type
zh-cn: 实例规格
WorkerSystemDiskSize:
Type: Number
Label:
zh-cn: Worker节点系统盘空间
en: Worker System Disk Space
Description:
zh-cn: 系统盘大小, 取值范围:[40, 500], 单位:GB。
en: 'System disk size, range of values: 40-500, units: GB.'
Default: 40
MinValue: 40
MaxValue: 500
WorkerSystemDiskCategory:
Type: String
Label:
en: Worker System Disk Category
zh-cn: Worker节点系统盘类型
AssociationPropertyMetadata:
LocaleKey: DiskCategory
Default: cloud_essd
AllowedValues:
- cloud_efficiency
- cloud_ssd
- cloud_essd
LoginPassword:
Type: String
NoEcho: true
Label:
en: Instance Password
zh-cn: 实例密码
Description:
en: Login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)
zh-cn: 登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)
ConstraintDescription:
en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
zh-cn: 长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
AssociationProperty: ALIYUN::ECS::Instance::Password
Resources:
NodePools:
Type: ALIYUN::CS::ClusterNodePool
Properties:
ClusterId:
Ref: ManagedKubernetesCluster
NodePoolInfo:
Name: default-nodepool
ScalingGroup:
Period:
Ref: PayPeriod
PeriodUnit:
Ref: PayPeriodUnit
InstanceChargeType:
Ref: PayType
VSwitchIds:
- Ref: VSwitchId
ZoneIds:
- Ref: ZoneId
SystemDiskCategory:
Ref: WorkerSystemDiskCategory
SystemDiskSize:
Ref: WorkerSystemDiskSize
InstanceTypes:
Ref: WorkerInstanceTypes
LoginPassword:
Ref: LoginPassword
Platform: AliyunLinux
ImageId: aliyun_3_9_x64_20G_alibase_20231219.vhd
KubernetesConfig:
Runtime: containerd
RuntimeVersion: 1.6.28
Count:
Ref: NumOfNodes
ManagedKubernetesCluster:
Type: ALIYUN::CS::ManagedKubernetesCluster
Properties:
VpcId:
Ref: VpcId
VSwitchIds:
- Ref: VSwitchId
SecurityGroupId:
Ref: SecurityGroupId
ZoneIds:
- Ref: ZoneId
ClusterSpec: ack.pro.small
ContainerCidr:
Ref: PodCidr
ServiceCidr:
Ref: ServiceCidr
LoginPassword:
Ref: LoginPassword
SnatEntry:
Ref: SnatEntry
Addons:
- Name: flannel
Config: ''
CloudMonitorFlags:
Ref: CloudMonitorFlag
ProxyMode: IPVS
EndpointPublicAccess:
Ref: EndpointPublicAccess
Name:
Ref: ALIYUN::StackName
Outputs:
ClusterId:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- ClusterId
TaskId:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- TaskId
WorkerRamRoleName:
Value:
Fn::GetAtt:
- ManagedKubernetesCluster
- WorkerRamRoleName
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- PayType
- PayPeriodUnit
- PayPeriod
Label:
default:
en: PayType Configuration
zh-cn: 付费类型配置
- Parameters:
- VpcId
- ZoneId
- VSwitchId
- SecurityGroupId
Label:
default:
zh-cn: 基础资源配置(必填)
en: Infrastructure Configuration
- Parameters:
- NumOfNodes
- PodCidr
- ServiceCidr
- SnatEntry
- EndpointPublicAccess
- CloudMonitorFlag
- WorkerInstanceTypes
- WorkerSystemDiskSize
- WorkerSystemDiskCategory
- LoginPassword
Label:
default:
zh-cn: Kubernetes基本配置(必填)
en: Kubernetes Basic Configuration
TemplateTags:
- acs:example:ISV软件部署:创建Kubernetes专有版集群(已VPC)
{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": {
"zh-cn": "在现有VPC、交换机和安全组上,配置付费方式,创建Kubernetes集群,含Worker节点、网络设置与监控插件。",
"en": "Configure billing methods on the existing VPC, switches, and security groups, then proceed to create a Kubernetes cluster inclusive of worker nodes, network configurations, and monitoring plugins."
},
"Parameters": {
"PayType": {
"Type": "String",
"Label": {
"en": "ECS Instance Charge Type",
"zh-cn": "付费类型"
},
"AssociationProperty": "ChargeType",
"AssociationPropertyMetadata": {
"LocaleKey": "InstanceChargeType"
},
"Default": "PostPaid",
"AllowedValues": [
"PostPaid",
"PrePaid"
]
},
"PayPeriodUnit": {
"Type": "String",
"Label": {
"en": "Pay Period Unit",
"zh-cn": "购买资源时长周期"
},
"AssociationProperty": "PayPeriodUnit",
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Not": {
"Fn::Equals": [
"${PayType}",
"PostPaid"
]
}
}
}
},
"Default": "Month",
"AllowedValues": [
"Month",
"Year"
]
},
"PayPeriod": {
"Type": "Number",
"Label": {
"en": "Period",
"zh-cn": "购买资源时长"
},
"AssociationProperty": "PayPeriod",
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Not": {
"Fn::Equals": [
"${PayType}",
"PostPaid"
]
}
}
}
},
"Default": 1,
"AllowedValues": [
1,
2,
3,
4,
5,
6,
7,
8,
9
]
},
"VpcId": {
"Type": "String",
"Label": {
"en": "VPC ID",
"zh-cn": "专有网络VPC实例ID"
},
"AssociationProperty": "ALIYUN::ECS::VPC::VPCId"
},
"ZoneId": {
"Type": "String",
"Label": {
"en": "Zone ID",
"zh-cn": "可用区"
},
"AssociationProperty": "ALIYUN::ECS::Instance:ZoneId"
},
"VSwitchId": {
"Type": "String",
"Label": {
"en": "VSwitch ID",
"zh-cn": "交换机实例ID"
},
"AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}",
"ZoneId": "${ZoneId}"
}
},
"SecurityGroupId": {
"Type": "String",
"Label": {
"en": "Business Security Group ID",
"zh-cn": "业务安全组ID"
},
"AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}"
}
},
"NumOfNodes": {
"Type": "Number",
"Label": {
"zh-cn": "Worker节点数",
"en": "Number of Worker instances"
},
"Default": 3
},
"PodCidr": {
"Type": "String",
"Label": {
"zh-cn": "Pod 网络 CIDR",
"en": "Pod Network CIDR"
},
"Description": {
"zh-cn": "请填写有效的私有网段,即以下网段及其子网:10.0.0.0/8,172.16-31.0.0/12-16,192.168.0.0/16<br>不能与 VPC 及 VPC 内已有 Kubernetes 集群使用的网段重复。<font color='blue'><b>创建成功后不能修改</b></font>",
"en": "Please fill in a valid private segment, i.e. the following segments and their subnets: 10.0.0.0/8, 172.16-31.0.0/12-16, 192.168.0.0/16<br> which cannot duplicate the network segments already used by clusters in VPC and VPC Kunetberes. <font color='blue'><b>Cannot be modified after successful creation</b></font>"
},
"AssociationProperty": "ALIYUN::CS::ManagedKubernetesCluster::PodCidr",
"Default": "172.20.0.0/16"
},
"ServiceCidr": {
"Type": "String",
"Label": {
"zh-cn": "Service CIDR",
"en": "Service CIDR"
},
"Description": {
"zh-cn": "可选范围:10.0.0.0/16-24,172.16-31.0.0/16-24,192.168.0.0/16-24<br>不能与 VPC 及 VPC 内已有 Kubernetes 集群使用的网段重复。<font color='blue'><b>创建成功后不能修改</b></font>",
"en": "Optional range: 10.0.0.0/16-24, 172.16-31.0.0/16-24, 192.168.0.0/16-24<br> cannot duplicate segments already used by existing Kubernetes clusters in VPC and VPC.<font color='blue'><b>Cannot be modified after successful creation</b></font>"
},
"AssociationProperty": "ALIYUN::CS::ManagedKubernetesCluster::ServiceCidr",
"Default": "172.21.0.0/20"
},
"SnatEntry": {
"Type": "Boolean",
"Label": {
"zh-cn": "配置SNAT",
"en": "Configure SNAT"
},
"Description": {
"zh-cn": "为专有网络配置 SNAT<br>若您集群内的节点、应用等需要访问公网,勾选该项后我们将为您创建 NAT 网关并自动配置 SNAT 规则。<b><a href='https://help.aliyun.com/document_detail/48126.html' target='_blank'><font color='blue'>NAT 网关收费详情</font></a></b>",
"en": "Configure SNAT for a proprietary network<br>If nodes, apps, etc. in your cluster need access to the public network, check this item and we'll create a NAT gateway for you and automatically configure the SNAT rules.<b><a href='https://www.alibabacloud.com/help/en/doc-detail/48126.html' target='_blank'><font color='blue'>NAT gateway charge details</font></a></b>"
},
"Default": true
},
"EndpointPublicAccess": {
"Type": "Boolean",
"Label": {
"en": "Public Access",
"zh-cn": "公网访问"
},
"Description": {
"en": "Using the EIP Exposure API Server <br> creates an intranet SLB instance for API Server by default, and removing the instance will make API Server innible<br><br><font color='blue'><b>choose not to be open, you cannot access cluster API Server over an extranet</b><front>",
"zh-cn": "使用 EIP 暴露 API Server<br>默认将为 API Server 创建一个内网 SLB 实例,若删除该实例会导致 API Server 无法访问<br><font color='blue'><b>选择不开放时,则无法通过外网访问集群 API Server</b><front>"
},
"Default": false
},
"CloudMonitorFlag": {
"Type": "Boolean",
"Label": {
"zh-cn": "监控插件",
"en": "Monitor Plug-in"
},
"Description": {
"zh-cn": "在 ECS 节点上安装云监控插件",
"en": "Install the cloud monitoring plug-in on the ECS node ."
},
"Default": true
},
"WorkerInstanceTypes": {
"Type": "CommaDelimitedList",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"InstanceChargeType": "${PayPeriod}",
"ZoneId": "${ZoneId}"
},
"Label": {
"en": "Instance Type",
"zh-cn": "实例规格"
}
},
"WorkerSystemDiskSize": {
"Type": "Number",
"Label": {
"zh-cn": "Worker节点系统盘空间",
"en": "Worker System Disk Space"
},
"Description": {
"zh-cn": "系统盘大小, 取值范围:[40, 500], 单位:GB。",
"en": "System disk size, range of values: 40-500, units: GB."
},
"Default": 40,
"MinValue": 40,
"MaxValue": 500
},
"WorkerSystemDiskCategory": {
"Type": "String",
"Label": {
"en": "Worker System Disk Category",
"zh-cn": "Worker节点系统盘类型"
},
"AssociationPropertyMetadata": {
"LocaleKey": "DiskCategory"
},
"Default": "cloud_essd",
"AllowedValues": [
"cloud_efficiency",
"cloud_ssd",
"cloud_essd"
]
},
"LoginPassword": {
"Type": "String",
"NoEcho": true,
"Label": {
"en": "Instance Password",
"zh-cn": "实例密码"
},
"Description": {
"en": "Login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)",
"zh-cn": "登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)"
},
"ConstraintDescription": {
"en": "Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).",
"zh-cn": "长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。"
},
"AssociationProperty": "ALIYUN::ECS::Instance::Password"
}
},
"Resources": {
"NodePools": {
"Type": "ALIYUN::CS::ClusterNodePool",
"Properties": {
"ClusterId": {
"Ref": "ManagedKubernetesCluster"
},
"NodePoolInfo": {
"Name": "default-nodepool"
},
"ScalingGroup": {
"Period": {
"Ref": "PayPeriod"
},
"PeriodUnit": {
"Ref": "PayPeriodUnit"
},
"InstanceChargeType": {
"Ref": "PayType"
},
"VSwitchIds": [
{
"Ref": "VSwitchId"
}
],
"ZoneIds": [
{
"Ref": "ZoneId"
}
],
"SystemDiskCategory": {
"Ref": "WorkerSystemDiskCategory"
},
"SystemDiskSize": {
"Ref": "WorkerSystemDiskSize"
},
"InstanceTypes": {
"Ref": "WorkerInstanceTypes"
},
"LoginPassword": {
"Ref": "LoginPassword"
},
"Platform": "AliyunLinux",
"ImageId": "aliyun_3_9_x64_20G_alibase_20231219.vhd"
},
"KubernetesConfig": {
"Runtime": "containerd",
"RuntimeVersion": "1.6.28"
},
"Count": {
"Ref": "NumOfNodes"
}
}
},
"ManagedKubernetesCluster": {
"Type": "ALIYUN::CS::ManagedKubernetesCluster",
"Properties": {
"VpcId": {
"Ref": "VpcId"
},
"VSwitchIds": [
{
"Ref": "VSwitchId"
}
],
"SecurityGroupId": {
"Ref": "SecurityGroupId"
},
"ZoneIds": [
{
"Ref": "ZoneId"
}
],
"ClusterSpec": "ack.pro.small",
"ContainerCidr": {
"Ref": "PodCidr"
},
"ServiceCidr": {
"Ref": "ServiceCidr"
},
"LoginPassword": {
"Ref": "LoginPassword"
},
"SnatEntry": {
"Ref": "SnatEntry"
},
"Addons": [
{
"Name": "flannel",
"Config": ""
}
],
"CloudMonitorFlags": {
"Ref": "CloudMonitorFlag"
},
"ProxyMode": "IPVS",
"EndpointPublicAccess": {
"Ref": "EndpointPublicAccess"
},
"Name": {
"Ref": "ALIYUN::StackName"
}
}
}
},
"Outputs": {
"ClusterId": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"ClusterId"
]
}
},
"TaskId": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"TaskId"
]
}
},
"WorkerRamRoleName": {
"Value": {
"Fn::GetAtt": [
"ManagedKubernetesCluster",
"WorkerRamRoleName"
]
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"ParameterGroups": [
{
"Parameters": [
"PayType",
"PayPeriodUnit",
"PayPeriod"
],
"Label": {
"default": {
"en": "PayType Configuration",
"zh-cn": "付费类型配置"
}
}
},
{
"Parameters": [
"VpcId",
"ZoneId",
"VSwitchId",
"SecurityGroupId"
],
"Label": {
"default": {
"zh-cn": "基础资源配置(必填)",
"en": "Infrastructure Configuration"
}
}
},
{
"Parameters": [
"NumOfNodes",
"PodCidr",
"ServiceCidr",
"SnatEntry",
"EndpointPublicAccess",
"CloudMonitorFlag",
"WorkerInstanceTypes",
"WorkerSystemDiskSize",
"WorkerSystemDiskCategory",
"LoginPassword"
],
"Label": {
"default": {
"zh-cn": "Kubernetes基本配置(必填)",
"en": "Kubernetes Basic Configuration"
}
}
}
],
"TemplateTags": [
"acs:example:ISV软件部署:创建Kubernetes专有版集群(已VPC)"
]
}
}
}场景 3 :使用ACK搭建微服务。
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: 创建ACK集群,配置VPC、安全组,部署微服务应用,自动伸缩节点池,设置ALB ingress,输出服务访问URL。
en: Create an ACK (Alibaba Cloud Container Service for Kubernetes) cluster, configure
VPC (Virtual Private Cloud) and security groups, deploy microservices applications,
automatically scale node pools, set up ALB (Application Load Balancer) ingress,
and output the service access URL.
Parameters:
CommonName:
Type: String
Default: microservices-on-ack
ManagedKubernetesClusterName:
Type: String
Label:
en: Managed Kubernetes Cluster Name
zh-cn: ACK托管版集群名称
AssociationProperty: AutoCompleteInput
AssociationPropertyMetadata:
Length: 5
Prefix: k8s-hpa-cluster-
CharacterClasses:
- Class: lowercase
min: 1
ZoneId1:
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
AssociationPropertyMetadata:
ExclusiveTo:
- ZoneId2
Label:
en: Availability Zone
zh-cn: 可用区1
ZoneId2:
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
AssociationPropertyMetadata:
ExclusiveTo:
- ZoneId1
Label:
en: Availability Zone
zh-cn: 可用区2
InstanceType:
Type: CommaDelimitedList
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
InstanceChargeType: PostPaid
SystemDiskCategory: cloud_essd
CreateACKClusterParams:
NetworkPlugin: terway-eniip
Label:
en: Instance Type
zh-cn: 实例规格
InstancePassword:
NoEcho: true
Type: String
Description:
en: >-
Server login password, Length 8-30, must contain three(Capital letters,
lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special
symbol in)
zh-cn: >-
服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
中的特殊符号)
Label:
en: Instance Password
zh-cn: 实例密码
ConstraintDescription:
en: >-
Length 8-30, must contain three(Capital letters, lowercase letters,
numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)
zh-cn: '长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;''<>,.?/ 中的特殊符号)'
AssociationProperty: 'ALIYUN::ECS::Instance::Password'
Default: null
Resources:
Vpc:
Type: 'ALIYUN::ECS::VPC'
Properties:
CidrBlock: 10.0.0.0/8
VpcName:
Fn::Sub: ${CommonName}-vpc
VSwitch1:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VpcId:
Ref: Vpc
CidrBlock: 10.0.0.0/24
ZoneId:
Ref: ZoneId1
VSwitchName:
Fn::Sub: ${CommonName}-vsw
VSwitch2:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VpcId:
Ref: Vpc
CidrBlock: 10.0.1.0/24
ZoneId:
Ref: ZoneId2
VSwitchName:
Fn::Sub: ${CommonName}-vsw
SecurityGroup:
Type: 'ALIYUN::ECS::SecurityGroup'
Properties:
VpcId:
Ref: Vpc
SecurityGroupName:
Fn::Sub: ${CommonName}-sg
SecurityGroupIngress:
- PortRange: 8080/8080
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
- PortRange: 80/80
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
AckCluster:
Type: 'ALIYUN::CS::ManagedKubernetesCluster'
Properties:
VpcId:
Ref: Vpc
VSwitchIds:
- Ref: VSwitch1
- Ref: VSwitch2
PodVswitchIds:
- Ref: VSwitch1
- Ref: VSwitch1
Name:
Ref: ManagedKubernetesClusterName
KubernetesVersion: 1.33.1-aliyun.1
ServiceCidr: 192.168.0.0/16
ClusterSpec: ack.pro.small
LoadBalancerSpec: slb.s2.small
IsEnterpriseSecurityGroup: true
SnatEntry: true
NumOfNodes: 0
EndpointPublicAccess: true
Platform: AliyunLinux
Addons:
- Name: terway-eniip
Config: '{"IPVlan":"false","NetworkPolicy":"false","ENITrunking":"false"}'
- Name: csi-plugin
- Name: csi-provisioner
- Name: storage-operator
Config: '{"CnfsOssEnable":"false","CnfsNasEnable":"false"}'
- Name: logtail-ds
Config: '{"IngressDashboardEnabled":"true"}'
- Name: nginx-ingress-controller
Disabled: true
- Name: alb-ingress-controller
Version: ""
Config:
Fn::Sub: >-
{"albIngress":{"AddressType":"Internet","ZoneMappings":{"${ZoneId1}":["${VSwitch1}"],
"${ZoneId2}":["${VSwitch2}"]},"CreateDefaultALBConfig":true}}
- Name: ack-node-local-dns
ProxyMode: ipvs
DeleteOptions:
- ResourceType: ALB
DeleteMode: delete
- ResourceType: SLB
DeleteMode: delete
- ResourceType: SLS_Data
DeleteMode: delete
- ResourceType: SLS_ControlPlane
DeleteMode: delete
- ResourceType: PrivateZone
DeleteMode: delete
NodePools:
Type: 'ALIYUN::CS::ClusterNodePool'
Properties:
ClusterId:
Ref: AckCluster
NodePoolInfo:
Name: default-nodepool
ScalingGroup:
InstanceChargeType: PostPaid
VSwitchIds:
- Ref: VSwitch1
- Ref: VSwitch2
ZoneIds:
- Ref: ZoneId1
- Ref: ZoneId2
SystemDiskCategory: cloud_essd
SystemDiskPerformanceLevel: PL0
SystemDiskSize: 120
InstanceTypes:
Ref: InstanceType
LoginPassword:
Ref: InstancePassword
Platform: AliyunLinux
ImageId: aliyun_3_9_x64_20G_alibase_20231219.vhd
KubernetesConfig:
Runtime: containerd
RuntimeVersion: 1.6.28
Count: 3
InstallBackendApp:
Type: 'ALIYUN::CS::ClusterApplication'
DependsOn: NodePools
Properties:
ClusterId:
Ref: AckCluster
YamlContent:
Fn::Sub: |-
apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
name: ecs-ack-test-service-a
labels:
app: ecs-ack-test-service-a
spec:
replicas: 2
selector:
matchLabels:
app: ecs-ack-test-service-a
template:
metadata:
labels:
app: ecs-ack-test-service-a
spec:
initContainers:
- name: download-jar
image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux
command:
- "/bin/sh"
- "-c"
- "curl -o /app/app.jar https://help-static-aliyun-doc.aliyuncs.com/tech-solution/MicroServiceOnAckDemo-1.0.1.jar && echo 'Download jar OK!'"
volumeMounts:
- name: app-jar
mountPath: /app
containers:
- args:
- '-DbHost=http://ecs-ack-test-service-b:8080'
- '-jar'
- '/app/app.jar'
command:
- java
name: ecs-ack-test-service-a
image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux
env:
- name: APP_MANUAL_DEPLOY
value: "false"
ports:
- containerPort: 8080
resources:
limits:
cpu: '2'
ephemeral-storage: 40Gi
memory: 2Gi
requests:
cpu: '1'
ephemeral-storage: 20Gi
memory: 1Gi
volumeMounts:
- name: app-jar
mountPath: /app
volumes:
- name: app-jar
emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
name: ecs-ack-test-service-a
spec:
selector:
app: ecs-ack-test-service-a
ports:
- protocol: TCP
port: 8080
targetPort: 8080
---
apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
name: ecs-ack-test-service-b
labels:
app: ecs-ack-test-service-b
spec:
replicas: 2
selector:
matchLabels:
app: ecs-ack-test-service-b
template:
metadata:
labels:
app: ecs-ack-test-service-b
spec:
initContainers:
- name: download-jar
image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux
command:
- "/bin/sh"
- "-c"
- "curl -o /app/app.jar https://help-static-aliyun-doc.aliyuncs.com/tech-solution/MicroServiceOnAckDemo-1.0.1.jar && echo 'Download jar OK!'"
volumeMounts:
- name: app-jar
mountPath: /app
containers:
- args:
- '-DbHost=http://ecs-ack-test-service-b:8080'
- '-jar'
- '/app/app.jar'
command:
- java
name: ecs-ack-test-service-b
image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux
env:
- name: APP_MANUAL_DEPLOY
value: "false"
ports:
- containerPort: 8080
resources:
limits:
cpu: '2'
ephemeral-storage: 40Gi
memory: 2Gi
requests:
cpu: '1'
ephemeral-storage: 20Gi
memory: 1Gi
volumeMounts:
- name: app-jar
mountPath: /app
volumes:
- name: app-jar
emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
name: ecs-ack-test-service-b
spec:
selector:
app: ecs-ack-test-service-b
ports:
- protocol: TCP
port: 8080
targetPort: 8080
AlbConfig:
Type: 'ALIYUN::CS::ClusterApplication'
DependsOn: InstallBackendApp
Properties:
ClusterId:
Ref: AckCluster
YamlContent:
Fn::Sub: |-
apiVersion: alibabacloud.com/v1
kind: AlbConfig
metadata:
name: ecs-ack-test-alb-config
spec:
config:
name: ecs-ack-test-alb
addressType: Internet
zoneMappings:
- vSwitchId: ${VSwitch1}
- vSwitchId: ${VSwitch2}
listeners:
- port: 80
protocol: HTTP
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
name: ecs-ack-test-alb
spec:
controller: ingress.k8s.alibabacloud/alb
parameters:
apiGroup: alibabacloud.com
kind: AlbConfig
name: ecs-ack-test-alb-config
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ecs-ack-test-alb-ingress
spec:
ingressClassName: ecs-ack-test-alb
rules:
- http:
paths:
- path: /a
pathType: ImplementationSpecific
backend:
service:
name: ecs-ack-test-service-a
port:
number: 8080
- path: /b
pathType: ImplementationSpecific
backend:
service:
name: ecs-ack-test-service-b
port:
number: 8080
WaitAlbIngress:
Type: ALIYUN::ROS::Sleep
DependsOn: AlbConfig
Properties:
CreateDuration: 120
IngressInfo:
Type: 'DATASOURCE::CS::ClusterApplicationResources'
DependsOn: WaitAlbIngress
Properties:
ClusterId:
Ref: AckCluster
Kind: Ingress
Namespace: default
JsonPath: $.items.[0].status.loadBalancer.ingress.[0].hostname
FirstMatch: true
Outputs:
UrlServiceA:
Description:
zh-cn: A服务访问地址。
en: The addresses of A service.
Value:
'Fn::Sub': http://${IngressInfo}/a
UrlServiceB:
Description:
zh-cn: B服务访问地址。
en: The addresses of B service.
Value:
'Fn::Sub': http://${IngressInfo}/b
Metadata:
'ALIYUN::ROS::Interface':
ParameterGroups:
- Parameters:
- SlsProjectName
- ManagedKubernetesClusterName
- ZoneId1
- ZoneId2
- InstanceType
- InstancePassword
TemplateTags:
- acs:technical-solution:micro:如何快速使用ACK搭建微服务-tech_solu_124
Hidden:
- CommonName{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": {
"zh-cn": "创建ACK集群,配置VPC、安全组,部署微服务应用,自动伸缩节点池,设置ALB ingress,输出服务访问URL。",
"en": "Create an ACK (Alibaba Cloud Container Service for Kubernetes) cluster, configure VPC (Virtual Private Cloud) and security groups, deploy microservices applications, automatically scale node pools, set up ALB (Application Load Balancer) ingress, and output the service access URL."
},
"Parameters": {
"CommonName": {
"Type": "String",
"Default": "microservices-on-ack"
},
"ManagedKubernetesClusterName": {
"Type": "String",
"Label": {
"en": "Managed Kubernetes Cluster Name",
"zh-cn": "ACK托管版集群名称"
},
"AssociationProperty": "AutoCompleteInput",
"AssociationPropertyMetadata": {
"Length": 5,
"Prefix": "k8s-hpa-cluster-",
"CharacterClasses": [
{
"Class": "lowercase",
"min": 1
}
]
}
},
"ZoneId1": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"AssociationPropertyMetadata": {
"ExclusiveTo": [
"ZoneId2"
]
},
"Label": {
"en": "Availability Zone",
"zh-cn": "可用区1"
}
},
"ZoneId2": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"AssociationPropertyMetadata": {
"ExclusiveTo": [
"ZoneId1"
]
},
"Label": {
"en": "Availability Zone",
"zh-cn": "可用区2"
}
},
"InstanceType": {
"Type": "CommaDelimitedList",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"InstanceChargeType": "PostPaid",
"SystemDiskCategory": "cloud_essd",
"CreateACKClusterParams": {
"NetworkPlugin": "terway-eniip"
}
},
"Label": {
"en": "Instance Type",
"zh-cn": "实例规格"
}
},
"InstancePassword": {
"NoEcho": true,
"Type": "String",
"Description": {
"en": "Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)",
"zh-cn": "服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)"
},
"Label": {
"en": "Instance Password",
"zh-cn": "实例密码"
},
"ConstraintDescription": {
"en": "Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)",
"zh-cn": "长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)"
},
"AssociationProperty": "ALIYUN::ECS::Instance::Password",
"Default": null
}
},
"Resources": {
"Vpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"CidrBlock": "10.0.0.0/8",
"VpcName": {
"Fn::Sub": "${CommonName}-vpc"
}
}
},
"VSwitch1": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "10.0.0.0/24",
"ZoneId": {
"Ref": "ZoneId1"
},
"VSwitchName": {
"Fn::Sub": "${CommonName}-vsw"
}
}
},
"VSwitch2": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "10.0.1.0/24",
"ZoneId": {
"Ref": "ZoneId2"
},
"VSwitchName": {
"Fn::Sub": "${CommonName}-vsw"
}
}
},
"SecurityGroup": {
"Type": "ALIYUN::ECS::SecurityGroup",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupName": {
"Fn::Sub": "${CommonName}-sg"
},
"SecurityGroupIngress": [
{
"PortRange": "8080/8080",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
},
{
"PortRange": "80/80",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
}
]
}
},
"AckCluster": {
"Type": "ALIYUN::CS::ManagedKubernetesCluster",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"VSwitchIds": [
{
"Ref": "VSwitch1"
},
{
"Ref": "VSwitch2"
}
],
"PodVswitchIds": [
{
"Ref": "VSwitch1"
},
{
"Ref": "VSwitch1"
}
],
"Name": {
"Ref": "ManagedKubernetesClusterName"
},
"KubernetesVersion": "1.33.1-aliyun.1",
"ServiceCidr": "192.168.0.0/16",
"ClusterSpec": "ack.pro.small",
"LoadBalancerSpec": "slb.s2.small",
"IsEnterpriseSecurityGroup": true,
"SnatEntry": true,
"NumOfNodes": 0,
"EndpointPublicAccess": true,
"Platform": "AliyunLinux",
"Addons": [
{
"Name": "terway-eniip",
"Config": "{\"IPVlan\":\"false\",\"NetworkPolicy\":\"false\",\"ENITrunking\":\"false\"}"
},
{
"Name": "csi-plugin"
},
{
"Name": "csi-provisioner"
},
{
"Name": "storage-operator",
"Config": "{\"CnfsOssEnable\":\"false\",\"CnfsNasEnable\":\"false\"}"
},
{
"Name": "logtail-ds",
"Config": "{\"IngressDashboardEnabled\":\"true\"}"
},
{
"Name": "nginx-ingress-controller",
"Disabled": true
},
{
"Name": "alb-ingress-controller",
"Version": "",
"Config": {
"Fn::Sub": "{\"albIngress\":{\"AddressType\":\"Internet\",\"ZoneMappings\":{\"${ZoneId1}\":[\"${VSwitch1}\"], \"${ZoneId2}\":[\"${VSwitch2}\"]},\"CreateDefaultALBConfig\":true}}"
}
},
{
"Name": "ack-node-local-dns"
}
],
"ProxyMode": "ipvs",
"DeleteOptions": [
{
"ResourceType": "ALB",
"DeleteMode": "delete"
},
{
"ResourceType": "SLB",
"DeleteMode": "delete"
},
{
"ResourceType": "SLS_Data",
"DeleteMode": "delete"
},
{
"ResourceType": "SLS_ControlPlane",
"DeleteMode": "delete"
},
{
"ResourceType": "PrivateZone",
"DeleteMode": "delete"
}
]
}
},
"NodePools": {
"Type": "ALIYUN::CS::ClusterNodePool",
"Properties": {
"ClusterId": {
"Ref": "AckCluster"
},
"NodePoolInfo": {
"Name": "default-nodepool"
},
"ScalingGroup": {
"InstanceChargeType": "PostPaid",
"VSwitchIds": [
{
"Ref": "VSwitch1"
},
{
"Ref": "VSwitch2"
}
],
"ZoneIds": [
{
"Ref": "ZoneId1"
},
{
"Ref": "ZoneId2"
}
],
"SystemDiskCategory": "cloud_essd",
"SystemDiskPerformanceLevel": "PL0",
"SystemDiskSize": 120,
"InstanceTypes": {
"Ref": "InstanceType"
},
"LoginPassword": {
"Ref": "InstancePassword"
},
"Platform": "AliyunLinux",
"ImageId": "aliyun_3_9_x64_20G_alibase_20231219.vhd"
},
"KubernetesConfig": {
"Runtime": "containerd",
"RuntimeVersion": "1.6.28"
},
"Count": 3
}
},
"InstallBackendApp": {
"Type": "ALIYUN::CS::ClusterApplication",
"DependsOn": "NodePools",
"Properties": {
"ClusterId": {
"Ref": "AckCluster"
},
"YamlContent": {
"Fn::Sub": "apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1\nkind: Deployment\nmetadata:\n name: ecs-ack-test-service-a\n labels:\n app: ecs-ack-test-service-a\nspec:\n replicas: 2\n selector:\n matchLabels:\n app: ecs-ack-test-service-a\n template:\n metadata:\n labels:\n app: ecs-ack-test-service-a\n spec:\n initContainers:\n - name: download-jar\n image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux\n command:\n - \"/bin/sh\"\n - \"-c\"\n - \"curl -o /app/app.jar https://help-static-aliyun-doc.aliyuncs.com/tech-solution/MicroServiceOnAckDemo-1.0.1.jar && echo 'Download jar OK!'\"\n volumeMounts:\n - name: app-jar\n mountPath: /app\n containers:\n - args:\n - '-DbHost=http://ecs-ack-test-service-b:8080'\n - '-jar'\n - '/app/app.jar'\n command:\n - java\n name: ecs-ack-test-service-a\n image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux\n env:\n - name: APP_MANUAL_DEPLOY\n value: \"false\"\n ports:\n - containerPort: 8080\n resources:\n limits:\n cpu: '2'\n ephemeral-storage: 40Gi\n memory: 2Gi\n requests:\n cpu: '1'\n ephemeral-storage: 20Gi\n memory: 1Gi\n volumeMounts:\n - name: app-jar\n mountPath: /app\n volumes:\n - name: app-jar\n emptyDir: {}\n---\napiVersion: v1\nkind: Service\nmetadata:\n name: ecs-ack-test-service-a\nspec:\n selector:\n app: ecs-ack-test-service-a\n ports:\n - protocol: TCP\n port: 8080\n targetPort: 8080\n---\napiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1\nkind: Deployment\nmetadata:\n name: ecs-ack-test-service-b\n labels:\n app: ecs-ack-test-service-b\nspec:\n replicas: 2\n selector:\n matchLabels:\n app: ecs-ack-test-service-b\n template:\n metadata:\n labels:\n app: ecs-ack-test-service-b\n spec:\n initContainers:\n - name: download-jar\n image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux\n command:\n - \"/bin/sh\"\n - \"-c\"\n - \"curl -o /app/app.jar https://help-static-aliyun-doc.aliyuncs.com/tech-solution/MicroServiceOnAckDemo-1.0.1.jar && echo 'Download jar OK!'\"\n volumeMounts:\n - name: app-jar\n mountPath: /app\n containers:\n - args:\n - '-DbHost=http://ecs-ack-test-service-b:8080'\n - '-jar'\n - '/app/app.jar'\n command:\n - java\n name: ecs-ack-test-service-b\n image: dragonwell-registry.cn-hangzhou.cr.aliyuncs.com/dragonwell/dragonwell:8-alinux\n env:\n - name: APP_MANUAL_DEPLOY\n value: \"false\"\n ports:\n - containerPort: 8080\n resources:\n limits:\n cpu: '2'\n ephemeral-storage: 40Gi\n memory: 2Gi\n requests:\n cpu: '1'\n ephemeral-storage: 20Gi\n memory: 1Gi\n volumeMounts:\n - name: app-jar\n mountPath: /app\n volumes:\n - name: app-jar\n emptyDir: {}\n---\napiVersion: v1\nkind: Service\nmetadata:\n name: ecs-ack-test-service-b\nspec:\n selector:\n app: ecs-ack-test-service-b\n ports:\n - protocol: TCP\n port: 8080\n targetPort: 8080"
}
}
},
"AlbConfig": {
"Type": "ALIYUN::CS::ClusterApplication",
"DependsOn": "InstallBackendApp",
"Properties": {
"ClusterId": {
"Ref": "AckCluster"
},
"YamlContent": {
"Fn::Sub": "apiVersion: alibabacloud.com/v1\nkind: AlbConfig\nmetadata:\n name: ecs-ack-test-alb-config\nspec:\n config:\n name: ecs-ack-test-alb\n addressType: Internet\n zoneMappings:\n - vSwitchId: ${VSwitch1}\n - vSwitchId: ${VSwitch2}\n listeners:\n - port: 80\n protocol: HTTP\n---\napiVersion: networking.k8s.io/v1\nkind: IngressClass\nmetadata:\n name: ecs-ack-test-alb\nspec:\n controller: ingress.k8s.alibabacloud/alb\n parameters:\n apiGroup: alibabacloud.com\n kind: AlbConfig\n name: ecs-ack-test-alb-config\n---\napiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: ecs-ack-test-alb-ingress\nspec:\n ingressClassName: ecs-ack-test-alb \n rules:\n - http:\n paths:\n - path: /a\n pathType: ImplementationSpecific\n backend:\n service:\n name: ecs-ack-test-service-a\n port:\n number: 8080\n - path: /b\n pathType: ImplementationSpecific\n backend:\n service:\n name: ecs-ack-test-service-b\n port: \n number: 8080"
}
}
},
"WaitAlbIngress": {
"Type": "ALIYUN::ROS::Sleep",
"DependsOn": "AlbConfig",
"Properties": {
"CreateDuration": 120
}
},
"IngressInfo": {
"Type": "DATASOURCE::CS::ClusterApplicationResources",
"DependsOn": "WaitAlbIngress",
"Properties": {
"ClusterId": {
"Ref": "AckCluster"
},
"Kind": "Ingress",
"Namespace": "default",
"JsonPath": "$.items.[0].status.loadBalancer.ingress.[0].hostname",
"FirstMatch": true
}
}
},
"Outputs": {
"UrlServiceA": {
"Description": {
"zh-cn": "A服务访问地址。",
"en": "The addresses of A service."
},
"Value": {
"Fn::Sub": "http://${IngressInfo}/a"
}
},
"UrlServiceB": {
"Description": {
"zh-cn": "B服务访问地址。",
"en": "The addresses of B service."
},
"Value": {
"Fn::Sub": "http://${IngressInfo}/b"
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"ParameterGroups": [
{
"Parameters": [
"SlsProjectName",
"ManagedKubernetesClusterName",
"ZoneId1",
"ZoneId2",
"InstanceType",
"InstancePassword"
]
}
],
"TemplateTags": [
"acs:technical-solution:micro:如何快速使用ACK搭建微服务-tech_solu_124"
],
"Hidden": [
"CommonName"
]
}
}
}更多示例,请参考包含此资源的公共模板。
该文章对您有帮助吗?