ibm 1.78.0, Apr 30 25

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm.ContainerCluster

Explore with Pulumi AI

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

Example Usage

Classic IBM Cloud Kubernetes Service cluster

The following example creates a single zone IBM Cloud Kubernetes Service cluster that is named mycluster with one worker node in the default worker pool.

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const testaccCluster = new ibm.ContainerCluster("testaccCluster", {
    datacenter: "dal10",
    defaultPoolSize: 1,
    hardware: "shared",
    labels: {
        test: "test-pool",
    },
    machineType: "u2c.2x4",
    privateVlanId: "vlan",
    publicVlanId: "vlan",
    subnetIds: ["1154643"],
    webhooks: [{
        level: "Normal",
        type: "slack",
        url: "https://hooks.slack.com/services/yt7rebjhgh2r4rd44fjk",
    }],
});

import pulumi
import pulumi_ibm as ibm

testacc_cluster = ibm.ContainerCluster("testaccCluster",
    datacenter="dal10",
    default_pool_size=1,
    hardware="shared",
    labels={
        "test": "test-pool",
    },
    machine_type="u2c.2x4",
    private_vlan_id="vlan",
    public_vlan_id="vlan",
    subnet_ids=["1154643"],
    webhooks=[{
        "level": "Normal",
        "type": "slack",
        "url": "https://hooks.slack.com/services/yt7rebjhgh2r4rd44fjk",
    }])

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewContainerCluster(ctx, "testaccCluster", &ibm.ContainerClusterArgs{
			Datacenter:      pulumi.String("dal10"),
			DefaultPoolSize: pulumi.Float64(1),
			Hardware:        pulumi.String("shared"),
			Labels: pulumi.StringMap{
				"test": pulumi.String("test-pool"),
			},
			MachineType:   pulumi.String("u2c.2x4"),
			PrivateVlanId: pulumi.String("vlan"),
			PublicVlanId:  pulumi.String("vlan"),
			SubnetIds: pulumi.StringArray{
				pulumi.String("1154643"),
			},
			Webhooks: ibm.ContainerClusterWebhookArray{
				&ibm.ContainerClusterWebhookArgs{
					Level: pulumi.String("Normal"),
					Type:  pulumi.String("slack"),
					Url:   pulumi.String("https://hooks.slack.com/services/yt7rebjhgh2r4rd44fjk"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var testaccCluster = new Ibm.ContainerCluster("testaccCluster", new()
    {
        Datacenter = "dal10",
        DefaultPoolSize = 1,
        Hardware = "shared",
        Labels = 
        {
            { "test", "test-pool" },
        },
        MachineType = "u2c.2x4",
        PrivateVlanId = "vlan",
        PublicVlanId = "vlan",
        SubnetIds = new[]
        {
            "1154643",
        },
        Webhooks = new[]
        {
            new Ibm.Inputs.ContainerClusterWebhookArgs
            {
                Level = "Normal",
                Type = "slack",
                Url = "https://hooks.slack.com/services/yt7rebjhgh2r4rd44fjk",
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.ContainerCluster;
import com.pulumi.ibm.ContainerClusterArgs;
import com.pulumi.ibm.inputs.ContainerClusterWebhookArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testaccCluster = new ContainerCluster("testaccCluster", ContainerClusterArgs.builder()
            .datacenter("dal10")
            .defaultPoolSize(1)
            .hardware("shared")
            .labels(Map.of("test", "test-pool"))
            .machineType("u2c.2x4")
            .privateVlanId("vlan")
            .publicVlanId("vlan")
            .subnetIds("1154643")
            .webhooks(ContainerClusterWebhookArgs.builder()
                .level("Normal")
                .type("slack")
                .url("https://hooks.slack.com/services/yt7rebjhgh2r4rd44fjk")
                .build())
            .build());

    }
}

resources:
  testaccCluster:
    type: ibm:ContainerCluster
    properties:
      datacenter: dal10
      defaultPoolSize: 1
      hardware: shared
      labels:
        test: test-pool
      machineType: u2c.2x4
      privateVlanId: vlan
      publicVlanId: vlan
      subnetIds:
        - '1154643'
      webhooks:
        - level: Normal
          type: slack
          url: https://hooks.slack.com/services/yt7rebjhgh2r4rd44fjk

Create the Kubernetes cluster with a default worker pool with 2 workers and one standalone worker as mentioned by worker_num:

Coming soon!

Coming soon!

Coming soon!

Coming soon!

Coming soon!

resources:
  testaccCluster:
    type: ibm:ContainerCluster
    properties:
      datacenter: dal10
      defaultPoolSize: 2
      hardware: shared
      labels:
        test: test-pool
      machineType: u2c.2x4
      privateVlanId: vlan
      publicVlanId: vlan
      subnetIds:
        - '1154643'
      webhooks:
        - level: Normal
          type: slack
          url: https://hooks.slack.com/services/yt7rebjhgh2r4rd44fjk
      workerNum: 1

Create a Gateway enabled Kubernetes cluster:

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const testaccCluster = new ibm.ContainerCluster("testaccCluster", {
    datacenter: "dal10",
    gatewayEnabled: true,
    hardware: "shared",
    machineType: "b3c.4x16",
    noSubnet: false,
    privateServiceEndpoint: true,
    privateVlanId: "2709721",
});

import pulumi
import pulumi_ibm as ibm

testacc_cluster = ibm.ContainerCluster("testaccCluster",
    datacenter="dal10",
    gateway_enabled=True,
    hardware="shared",
    machine_type="b3c.4x16",
    no_subnet=False,
    private_service_endpoint=True,
    private_vlan_id="2709721")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewContainerCluster(ctx, "testaccCluster", &ibm.ContainerClusterArgs{
			Datacenter:             pulumi.String("dal10"),
			GatewayEnabled:         pulumi.Bool(true),
			Hardware:               pulumi.String("shared"),
			MachineType:            pulumi.String("b3c.4x16"),
			NoSubnet:               pulumi.Bool(false),
			PrivateServiceEndpoint: pulumi.Bool(true),
			PrivateVlanId:          pulumi.String("2709721"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var testaccCluster = new Ibm.ContainerCluster("testaccCluster", new()
    {
        Datacenter = "dal10",
        GatewayEnabled = true,
        Hardware = "shared",
        MachineType = "b3c.4x16",
        NoSubnet = false,
        PrivateServiceEndpoint = true,
        PrivateVlanId = "2709721",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.ContainerCluster;
import com.pulumi.ibm.ContainerClusterArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testaccCluster = new ContainerCluster("testaccCluster", ContainerClusterArgs.builder()
            .datacenter("dal10")
            .gatewayEnabled(true)
            .hardware("shared")
            .machineType("b3c.4x16")
            .noSubnet(false)
            .privateServiceEndpoint(true)
            .privateVlanId("2709721")
            .build());

    }
}

resources:
  testaccCluster:
    type: ibm:ContainerCluster
    properties:
      datacenter: dal10
      gatewayEnabled: true
      hardware: shared
      machineType: b3c.4x16
      noSubnet: false
      privateServiceEndpoint: true
      privateVlanId: '2709721'

Create a kms enabled Kubernetes cluster:

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const cluster = new ibm.ContainerCluster("cluster", {
    datacenter: "dal10",
    noSubnet: true,
    defaultPoolSize: 2,
    hardware: "shared",
    resourceGroupId: data.ibm_resource_group.testacc_ds_resource_group.id,
    machineType: "b2c.16x64",
    publicVlanId: "2771174",
    privateVlanId: "2771176",
    kmsConfig: {
        instanceId: "12043812-757f-4e1e-8436-6af3245e6a69",
        crkId: "0792853c-b9f9-4b35-9d9e-ffceab51d3c1",
        privateEndpoint: false,
    },
});

import pulumi
import pulumi_ibm as ibm

cluster = ibm.ContainerCluster("cluster",
    datacenter="dal10",
    no_subnet=True,
    default_pool_size=2,
    hardware="shared",
    resource_group_id=data["ibm_resource_group"]["testacc_ds_resource_group"]["id"],
    machine_type="b2c.16x64",
    public_vlan_id="2771174",
    private_vlan_id="2771176",
    kms_config={
        "instance_id": "12043812-757f-4e1e-8436-6af3245e6a69",
        "crk_id": "0792853c-b9f9-4b35-9d9e-ffceab51d3c1",
        "private_endpoint": False,
    })

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewContainerCluster(ctx, "cluster", &ibm.ContainerClusterArgs{
			Datacenter:      pulumi.String("dal10"),
			NoSubnet:        pulumi.Bool(true),
			DefaultPoolSize: pulumi.Float64(2),
			Hardware:        pulumi.String("shared"),
			ResourceGroupId: pulumi.Any(data.Ibm_resource_group.Testacc_ds_resource_group.Id),
			MachineType:     pulumi.String("b2c.16x64"),
			PublicVlanId:    pulumi.String("2771174"),
			PrivateVlanId:   pulumi.String("2771176"),
			KmsConfig: &ibm.ContainerClusterKmsConfigArgs{
				InstanceId:      pulumi.String("12043812-757f-4e1e-8436-6af3245e6a69"),
				CrkId:           pulumi.String("0792853c-b9f9-4b35-9d9e-ffceab51d3c1"),
				PrivateEndpoint: pulumi.Bool(false),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var cluster = new Ibm.ContainerCluster("cluster", new()
    {
        Datacenter = "dal10",
        NoSubnet = true,
        DefaultPoolSize = 2,
        Hardware = "shared",
        ResourceGroupId = data.Ibm_resource_group.Testacc_ds_resource_group.Id,
        MachineType = "b2c.16x64",
        PublicVlanId = "2771174",
        PrivateVlanId = "2771176",
        KmsConfig = new Ibm.Inputs.ContainerClusterKmsConfigArgs
        {
            InstanceId = "12043812-757f-4e1e-8436-6af3245e6a69",
            CrkId = "0792853c-b9f9-4b35-9d9e-ffceab51d3c1",
            PrivateEndpoint = false,
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.ContainerCluster;
import com.pulumi.ibm.ContainerClusterArgs;
import com.pulumi.ibm.inputs.ContainerClusterKmsConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var cluster = new ContainerCluster("cluster", ContainerClusterArgs.builder()
            .datacenter("dal10")
            .noSubnet(true)
            .defaultPoolSize(2)
            .hardware("shared")
            .resourceGroupId(data.ibm_resource_group().testacc_ds_resource_group().id())
            .machineType("b2c.16x64")
            .publicVlanId("2771174")
            .privateVlanId("2771176")
            .kmsConfig(ContainerClusterKmsConfigArgs.builder()
                .instanceId("12043812-757f-4e1e-8436-6af3245e6a69")
                .crkId("0792853c-b9f9-4b35-9d9e-ffceab51d3c1")
                .privateEndpoint(false)
                .build())
            .build());

    }
}

resources:
  cluster:
    type: ibm:ContainerCluster
    properties:
      datacenter: dal10
      noSubnet: true
      defaultPoolSize: 2
      hardware: shared
      resourceGroupId: ${data.ibm_resource_group.testacc_ds_resource_group.id}
      machineType: b2c.16x64
      publicVlanId: '2771174'
      privateVlanId: '2771176'
      kmsConfig:
        instanceId: 12043812-757f-4e1e-8436-6af3245e6a69
        crkId: 0792853c-b9f9-4b35-9d9e-ffceab51d3c1
        privateEndpoint: false

Create the Openshift Cluster with default worker pool entitlement:

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const cluster = new ibm.ContainerCluster("cluster", {
    datacenter: "dal10",
    defaultPoolSize: 3,
    entitlement: "cloud_pak",
    hardware: "shared",
    kubeVersion: "4.3_openshift",
    machineType: "b3c.4x16",
    privateVlanId: "2863616",
    publicVlanId: "2863614",
});

import pulumi
import pulumi_ibm as ibm

cluster = ibm.ContainerCluster("cluster",
    datacenter="dal10",
    default_pool_size=3,
    entitlement="cloud_pak",
    hardware="shared",
    kube_version="4.3_openshift",
    machine_type="b3c.4x16",
    private_vlan_id="2863616",
    public_vlan_id="2863614")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewContainerCluster(ctx, "cluster", &ibm.ContainerClusterArgs{
			Datacenter:      pulumi.String("dal10"),
			DefaultPoolSize: pulumi.Float64(3),
			Entitlement:     pulumi.String("cloud_pak"),
			Hardware:        pulumi.String("shared"),
			KubeVersion:     pulumi.String("4.3_openshift"),
			MachineType:     pulumi.String("b3c.4x16"),
			PrivateVlanId:   pulumi.String("2863616"),
			PublicVlanId:    pulumi.String("2863614"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var cluster = new Ibm.ContainerCluster("cluster", new()
    {
        Datacenter = "dal10",
        DefaultPoolSize = 3,
        Entitlement = "cloud_pak",
        Hardware = "shared",
        KubeVersion = "4.3_openshift",
        MachineType = "b3c.4x16",
        PrivateVlanId = "2863616",
        PublicVlanId = "2863614",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.ContainerCluster;
import com.pulumi.ibm.ContainerClusterArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var cluster = new ContainerCluster("cluster", ContainerClusterArgs.builder()
            .datacenter("dal10")
            .defaultPoolSize(3)
            .entitlement("cloud_pak")
            .hardware("shared")
            .kubeVersion("4.3_openshift")
            .machineType("b3c.4x16")
            .privateVlanId("2863616")
            .publicVlanId("2863614")
            .build());

    }
}

resources:
  cluster:
    type: ibm:ContainerCluster
    properties:
      datacenter: dal10
      defaultPoolSize: 3
      entitlement: cloud_pak
      hardware: shared
      kubeVersion: 4.3_openshift
      machineType: b3c.4x16
      privateVlanId: '2863616'
      publicVlanId: '2863614'

VPC Generation 2 IBM Cloud Kubernetes Service cluster

The following example creates a VPC Generation 2 cluster that is spread across two zones.

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const vpc1 = new ibm.IsVpc("vpc1", {});
const subnet1 = new ibm.IsSubnet("subnet1", {
    vpc: vpc1.isVpcId,
    zone: "us-south-1",
    totalIpv4AddressCount: 256,
});
const subnet2 = new ibm.IsSubnet("subnet2", {
    vpc: vpc1.isVpcId,
    zone: "us-south-2",
    totalIpv4AddressCount: 256,
});
const resourceGroup = ibm.getResourceGroup({
    name: _var.resource_group,
});
const cluster = new ibm.ContainerVpcCluster("cluster", {
    vpcId: vpc1.isVpcId,
    flavor: "bx2.4x16",
    workerCount: 3,
    resourceGroupId: resourceGroup.then(resourceGroup => resourceGroup.id),
    zones: [{
        subnetId: subnet1.isSubnetId,
        name: "us-south-1",
    }],
});
const clusterPool = new ibm.ContainerVpcWorkerPool("clusterPool", {
    cluster: cluster.containerVpcClusterId,
    workerPoolName: "mywp",
    flavor: "bx2.2x8",
    vpcId: vpc1.isVpcId,
    workerCount: 3,
    resourceGroupId: resourceGroup.then(resourceGroup => resourceGroup.id),
    zones: [{
        name: "us-south-2",
        subnetId: subnet2.isSubnetId,
    }],
});

import pulumi
import pulumi_ibm as ibm

vpc1 = ibm.IsVpc("vpc1")
subnet1 = ibm.IsSubnet("subnet1",
    vpc=vpc1.is_vpc_id,
    zone="us-south-1",
    total_ipv4_address_count=256)
subnet2 = ibm.IsSubnet("subnet2",
    vpc=vpc1.is_vpc_id,
    zone="us-south-2",
    total_ipv4_address_count=256)
resource_group = ibm.get_resource_group(name=var["resource_group"])
cluster = ibm.ContainerVpcCluster("cluster",
    vpc_id=vpc1.is_vpc_id,
    flavor="bx2.4x16",
    worker_count=3,
    resource_group_id=resource_group.id,
    zones=[{
        "subnet_id": subnet1.is_subnet_id,
        "name": "us-south-1",
    }])
cluster_pool = ibm.ContainerVpcWorkerPool("clusterPool",
    cluster=cluster.container_vpc_cluster_id,
    worker_pool_name="mywp",
    flavor="bx2.2x8",
    vpc_id=vpc1.is_vpc_id,
    worker_count=3,
    resource_group_id=resource_group.id,
    zones=[{
        "name": "us-south-2",
        "subnet_id": subnet2.is_subnet_id,
    }])

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		vpc1, err := ibm.NewIsVpc(ctx, "vpc1", nil)
		if err != nil {
			return err
		}
		subnet1, err := ibm.NewIsSubnet(ctx, "subnet1", &ibm.IsSubnetArgs{
			Vpc:                   vpc1.IsVpcId,
			Zone:                  pulumi.String("us-south-1"),
			TotalIpv4AddressCount: pulumi.Float64(256),
		})
		if err != nil {
			return err
		}
		subnet2, err := ibm.NewIsSubnet(ctx, "subnet2", &ibm.IsSubnetArgs{
			Vpc:                   vpc1.IsVpcId,
			Zone:                  pulumi.String("us-south-2"),
			TotalIpv4AddressCount: pulumi.Float64(256),
		})
		if err != nil {
			return err
		}
		resourceGroup, err := ibm.LookupResourceGroup(ctx, &ibm.LookupResourceGroupArgs{
			Name: pulumi.StringRef(_var.Resource_group),
		}, nil)
		if err != nil {
			return err
		}
		cluster, err := ibm.NewContainerVpcCluster(ctx, "cluster", &ibm.ContainerVpcClusterArgs{
			VpcId:           vpc1.IsVpcId,
			Flavor:          pulumi.String("bx2.4x16"),
			WorkerCount:     pulumi.Float64(3),
			ResourceGroupId: pulumi.String(resourceGroup.Id),
			Zones: ibm.ContainerVpcClusterZoneArray{
				&ibm.ContainerVpcClusterZoneArgs{
					SubnetId: subnet1.IsSubnetId,
					Name:     pulumi.String("us-south-1"),
				},
			},
		})
		if err != nil {
			return err
		}
		_, err = ibm.NewContainerVpcWorkerPool(ctx, "clusterPool", &ibm.ContainerVpcWorkerPoolArgs{
			Cluster:         cluster.ContainerVpcClusterId,
			WorkerPoolName:  pulumi.String("mywp"),
			Flavor:          pulumi.String("bx2.2x8"),
			VpcId:           vpc1.IsVpcId,
			WorkerCount:     pulumi.Float64(3),
			ResourceGroupId: pulumi.String(resourceGroup.Id),
			Zones: ibm.ContainerVpcWorkerPoolZoneArray{
				&ibm.ContainerVpcWorkerPoolZoneArgs{
					Name:     pulumi.String("us-south-2"),
					SubnetId: subnet2.IsSubnetId,
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var vpc1 = new Ibm.IsVpc("vpc1");

    var subnet1 = new Ibm.IsSubnet("subnet1", new()
    {
        Vpc = vpc1.IsVpcId,
        Zone = "us-south-1",
        TotalIpv4AddressCount = 256,
    });

    var subnet2 = new Ibm.IsSubnet("subnet2", new()
    {
        Vpc = vpc1.IsVpcId,
        Zone = "us-south-2",
        TotalIpv4AddressCount = 256,
    });

    var resourceGroup = Ibm.GetResourceGroup.Invoke(new()
    {
        Name = @var.Resource_group,
    });

    var cluster = new Ibm.ContainerVpcCluster("cluster", new()
    {
        VpcId = vpc1.IsVpcId,
        Flavor = "bx2.4x16",
        WorkerCount = 3,
        ResourceGroupId = resourceGroup.Apply(getResourceGroupResult => getResourceGroupResult.Id),
        Zones = new[]
        {
            new Ibm.Inputs.ContainerVpcClusterZoneArgs
            {
                SubnetId = subnet1.IsSubnetId,
                Name = "us-south-1",
            },
        },
    });

    var clusterPool = new Ibm.ContainerVpcWorkerPool("clusterPool", new()
    {
        Cluster = cluster.ContainerVpcClusterId,
        WorkerPoolName = "mywp",
        Flavor = "bx2.2x8",
        VpcId = vpc1.IsVpcId,
        WorkerCount = 3,
        ResourceGroupId = resourceGroup.Apply(getResourceGroupResult => getResourceGroupResult.Id),
        Zones = new[]
        {
            new Ibm.Inputs.ContainerVpcWorkerPoolZoneArgs
            {
                Name = "us-south-2",
                SubnetId = subnet2.IsSubnetId,
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IsVpc;
import com.pulumi.ibm.IsSubnet;
import com.pulumi.ibm.IsSubnetArgs;
import com.pulumi.ibm.IbmFunctions;
import com.pulumi.ibm.inputs.GetResourceGroupArgs;
import com.pulumi.ibm.ContainerVpcCluster;
import com.pulumi.ibm.ContainerVpcClusterArgs;
import com.pulumi.ibm.inputs.ContainerVpcClusterZoneArgs;
import com.pulumi.ibm.ContainerVpcWorkerPool;
import com.pulumi.ibm.ContainerVpcWorkerPoolArgs;
import com.pulumi.ibm.inputs.ContainerVpcWorkerPoolZoneArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var vpc1 = new IsVpc("vpc1");

        var subnet1 = new IsSubnet("subnet1", IsSubnetArgs.builder()
            .vpc(vpc1.isVpcId())
            .zone("us-south-1")
            .totalIpv4AddressCount(256)
            .build());

        var subnet2 = new IsSubnet("subnet2", IsSubnetArgs.builder()
            .vpc(vpc1.isVpcId())
            .zone("us-south-2")
            .totalIpv4AddressCount(256)
            .build());

        final var resourceGroup = IbmFunctions.getResourceGroup(GetResourceGroupArgs.builder()
            .name(var_.resource_group())
            .build());

        var cluster = new ContainerVpcCluster("cluster", ContainerVpcClusterArgs.builder()
            .vpcId(vpc1.isVpcId())
            .flavor("bx2.4x16")
            .workerCount(3)
            .resourceGroupId(resourceGroup.applyValue(getResourceGroupResult -> getResourceGroupResult.id()))
            .zones(ContainerVpcClusterZoneArgs.builder()
                .subnetId(subnet1.isSubnetId())
                .name("us-south-1")
                .build())
            .build());

        var clusterPool = new ContainerVpcWorkerPool("clusterPool", ContainerVpcWorkerPoolArgs.builder()
            .cluster(cluster.containerVpcClusterId())
            .workerPoolName("mywp")
            .flavor("bx2.2x8")
            .vpcId(vpc1.isVpcId())
            .workerCount(3)
            .resourceGroupId(resourceGroup.applyValue(getResourceGroupResult -> getResourceGroupResult.id()))
            .zones(ContainerVpcWorkerPoolZoneArgs.builder()
                .name("us-south-2")
                .subnetId(subnet2.isSubnetId())
                .build())
            .build());

    }
}

resources:
  vpc1:
    type: ibm:IsVpc
  subnet1:
    type: ibm:IsSubnet
    properties:
      vpc: ${vpc1.isVpcId}
      zone: us-south-1
      totalIpv4AddressCount: 256
  subnet2:
    type: ibm:IsSubnet
    properties:
      vpc: ${vpc1.isVpcId}
      zone: us-south-2
      totalIpv4AddressCount: 256
  cluster:
    type: ibm:ContainerVpcCluster
    properties:
      vpcId: ${vpc1.isVpcId}
      flavor: bx2.4x16
      workerCount: 3
      resourceGroupId: ${resourceGroup.id}
      zones:
        - subnetId: ${subnet1.isSubnetId}
          name: us-south-1
  clusterPool:
    type: ibm:ContainerVpcWorkerPool
    properties:
      cluster: ${cluster.containerVpcClusterId}
      workerPoolName: mywp
      flavor: bx2.2x8
      vpcId: ${vpc1.isVpcId}
      workerCount: 3
      resourceGroupId: ${resourceGroup.id}
      zones:
        - name: us-south-2
          subnetId: ${subnet2.isSubnetId}
variables:
  resourceGroup:
    fn::invoke:
      function: ibm:getResourceGroup
      arguments:
        name: ${var.resource_group}

Create ContainerCluster Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ContainerCluster(name: string, args: ContainerClusterArgs, opts?: CustomResourceOptions);

@overload
def ContainerCluster(resource_name: str,
                     args: ContainerClusterArgs,
                     opts: Optional[ResourceOptions] = None)

@overload
def ContainerCluster(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     hardware: Optional[str] = None,
                     datacenter: Optional[str] = None,
                     patch_version: Optional[str] = None,
                     private_vlan_id: Optional[str] = None,
                     entitlement: Optional[str] = None,
                     force_delete_storage: Optional[bool] = None,
                     gateway_enabled: Optional[bool] = None,
                     default_pool_size: Optional[float] = None,
                     image_security_enforcement: Optional[bool] = None,
                     kms_config: Optional[ContainerClusterKmsConfigArgs] = None,
                     kube_version: Optional[str] = None,
                     labels: Optional[Mapping[str, str]] = None,
                     machine_type: Optional[str] = None,
                     name: Optional[str] = None,
                     no_subnet: Optional[bool] = None,
                     operating_system: Optional[str] = None,
                     container_cluster_id: Optional[str] = None,
                     pod_subnet: Optional[str] = None,
                     disk_encryption: Optional[bool] = None,
                     public_service_endpoint: Optional[bool] = None,
                     private_service_endpoint: Optional[bool] = None,
                     public_vlan_id: Optional[str] = None,
                     region: Optional[str] = None,
                     resource_group_id: Optional[str] = None,
                     retry_patch_version: Optional[float] = None,
                     service_subnet: Optional[str] = None,
                     subnet_ids: Optional[Sequence[str]] = None,
                     tags: Optional[Sequence[str]] = None,
                     taints: Optional[Sequence[ContainerClusterTaintArgs]] = None,
                     timeouts: Optional[ContainerClusterTimeoutsArgs] = None,
                     update_all_workers: Optional[bool] = None,
                     wait_for_worker_update: Optional[bool] = None,
                     wait_till: Optional[str] = None,
                     webhooks: Optional[Sequence[ContainerClusterWebhookArgs]] = None,
                     workers_infos: Optional[Sequence[ContainerClusterWorkersInfoArgs]] = None)

func NewContainerCluster(ctx *Context, name string, args ContainerClusterArgs, opts ...ResourceOption) (*ContainerCluster, error)

public ContainerCluster(string name, ContainerClusterArgs args, CustomResourceOptions? opts = null)

public ContainerCluster(String name, ContainerClusterArgs args)
public ContainerCluster(String name, ContainerClusterArgs args, CustomResourceOptions options)

type: ibm:ContainerCluster
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ContainerClusterArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ContainerClusterArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ContainerClusterArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ContainerClusterArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ContainerClusterArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var containerClusterResource = new Ibm.ContainerCluster("containerClusterResource", new()
{
    Hardware = "string",
    Datacenter = "string",
    PatchVersion = "string",
    PrivateVlanId = "string",
    Entitlement = "string",
    ForceDeleteStorage = false,
    GatewayEnabled = false,
    DefaultPoolSize = 0,
    ImageSecurityEnforcement = false,
    KmsConfig = new Ibm.Inputs.ContainerClusterKmsConfigArgs
    {
        CrkId = "string",
        InstanceId = "string",
        AccountId = "string",
        PrivateEndpoint = false,
    },
    KubeVersion = "string",
    Labels = 
    {
        { "string", "string" },
    },
    MachineType = "string",
    Name = "string",
    NoSubnet = false,
    OperatingSystem = "string",
    ContainerClusterId = "string",
    PodSubnet = "string",
    DiskEncryption = false,
    PublicServiceEndpoint = false,
    PrivateServiceEndpoint = false,
    PublicVlanId = "string",
    ResourceGroupId = "string",
    RetryPatchVersion = 0,
    ServiceSubnet = "string",
    SubnetIds = new[]
    {
        "string",
    },
    Tags = new[]
    {
        "string",
    },
    Taints = new[]
    {
        new Ibm.Inputs.ContainerClusterTaintArgs
        {
            Effect = "string",
            Key = "string",
            Value = "string",
        },
    },
    Timeouts = new Ibm.Inputs.ContainerClusterTimeoutsArgs
    {
        Create = "string",
        Delete = "string",
        Update = "string",
    },
    UpdateAllWorkers = false,
    WaitForWorkerUpdate = false,
    WaitTill = "string",
    Webhooks = new[]
    {
        new Ibm.Inputs.ContainerClusterWebhookArgs
        {
            Level = "string",
            Type = "string",
            Url = "string",
        },
    },
    WorkersInfos = new[]
    {
        new Ibm.Inputs.ContainerClusterWorkersInfoArgs
        {
            Id = "string",
            PoolName = "string",
            Version = "string",
        },
    },
});

example, err := ibm.NewContainerCluster(ctx, "containerClusterResource", &ibm.ContainerClusterArgs{
	Hardware:                 pulumi.String("string"),
	Datacenter:               pulumi.String("string"),
	PatchVersion:             pulumi.String("string"),
	PrivateVlanId:            pulumi.String("string"),
	Entitlement:              pulumi.String("string"),
	ForceDeleteStorage:       pulumi.Bool(false),
	GatewayEnabled:           pulumi.Bool(false),
	DefaultPoolSize:          pulumi.Float64(0),
	ImageSecurityEnforcement: pulumi.Bool(false),
	KmsConfig: &ibm.ContainerClusterKmsConfigArgs{
		CrkId:           pulumi.String("string"),
		InstanceId:      pulumi.String("string"),
		AccountId:       pulumi.String("string"),
		PrivateEndpoint: pulumi.Bool(false),
	},
	KubeVersion: pulumi.String("string"),
	Labels: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	MachineType:            pulumi.String("string"),
	Name:                   pulumi.String("string"),
	NoSubnet:               pulumi.Bool(false),
	OperatingSystem:        pulumi.String("string"),
	ContainerClusterId:     pulumi.String("string"),
	PodSubnet:              pulumi.String("string"),
	DiskEncryption:         pulumi.Bool(false),
	PublicServiceEndpoint:  pulumi.Bool(false),
	PrivateServiceEndpoint: pulumi.Bool(false),
	PublicVlanId:           pulumi.String("string"),
	ResourceGroupId:        pulumi.String("string"),
	RetryPatchVersion:      pulumi.Float64(0),
	ServiceSubnet:          pulumi.String("string"),
	SubnetIds: pulumi.StringArray{
		pulumi.String("string"),
	},
	Tags: pulumi.StringArray{
		pulumi.String("string"),
	},
	Taints: ibm.ContainerClusterTaintArray{
		&ibm.ContainerClusterTaintArgs{
			Effect: pulumi.String("string"),
			Key:    pulumi.String("string"),
			Value:  pulumi.String("string"),
		},
	},
	Timeouts: &ibm.ContainerClusterTimeoutsArgs{
		Create: pulumi.String("string"),
		Delete: pulumi.String("string"),
		Update: pulumi.String("string"),
	},
	UpdateAllWorkers:    pulumi.Bool(false),
	WaitForWorkerUpdate: pulumi.Bool(false),
	WaitTill:            pulumi.String("string"),
	Webhooks: ibm.ContainerClusterWebhookArray{
		&ibm.ContainerClusterWebhookArgs{
			Level: pulumi.String("string"),
			Type:  pulumi.String("string"),
			Url:   pulumi.String("string"),
		},
	},
	WorkersInfos: ibm.ContainerClusterWorkersInfoArray{
		&ibm.ContainerClusterWorkersInfoArgs{
			Id:       pulumi.String("string"),
			PoolName: pulumi.String("string"),
			Version:  pulumi.String("string"),
		},
	},
})

var containerClusterResource = new ContainerCluster("containerClusterResource", ContainerClusterArgs.builder()
    .hardware("string")
    .datacenter("string")
    .patchVersion("string")
    .privateVlanId("string")
    .entitlement("string")
    .forceDeleteStorage(false)
    .gatewayEnabled(false)
    .defaultPoolSize(0)
    .imageSecurityEnforcement(false)
    .kmsConfig(ContainerClusterKmsConfigArgs.builder()
        .crkId("string")
        .instanceId("string")
        .accountId("string")
        .privateEndpoint(false)
        .build())
    .kubeVersion("string")
    .labels(Map.of("string", "string"))
    .machineType("string")
    .name("string")
    .noSubnet(false)
    .operatingSystem("string")
    .containerClusterId("string")
    .podSubnet("string")
    .diskEncryption(false)
    .publicServiceEndpoint(false)
    .privateServiceEndpoint(false)
    .publicVlanId("string")
    .resourceGroupId("string")
    .retryPatchVersion(0)
    .serviceSubnet("string")
    .subnetIds("string")
    .tags("string")
    .taints(ContainerClusterTaintArgs.builder()
        .effect("string")
        .key("string")
        .value("string")
        .build())
    .timeouts(ContainerClusterTimeoutsArgs.builder()
        .create("string")
        .delete("string")
        .update("string")
        .build())
    .updateAllWorkers(false)
    .waitForWorkerUpdate(false)
    .waitTill("string")
    .webhooks(ContainerClusterWebhookArgs.builder()
        .level("string")
        .type("string")
        .url("string")
        .build())
    .workersInfos(ContainerClusterWorkersInfoArgs.builder()
        .id("string")
        .poolName("string")
        .version("string")
        .build())
    .build());

container_cluster_resource = ibm.ContainerCluster("containerClusterResource",
    hardware="string",
    datacenter="string",
    patch_version="string",
    private_vlan_id="string",
    entitlement="string",
    force_delete_storage=False,
    gateway_enabled=False,
    default_pool_size=0,
    image_security_enforcement=False,
    kms_config={
        "crk_id": "string",
        "instance_id": "string",
        "account_id": "string",
        "private_endpoint": False,
    },
    kube_version="string",
    labels={
        "string": "string",
    },
    machine_type="string",
    name="string",
    no_subnet=False,
    operating_system="string",
    container_cluster_id="string",
    pod_subnet="string",
    disk_encryption=False,
    public_service_endpoint=False,
    private_service_endpoint=False,
    public_vlan_id="string",
    resource_group_id="string",
    retry_patch_version=0,
    service_subnet="string",
    subnet_ids=["string"],
    tags=["string"],
    taints=[{
        "effect": "string",
        "key": "string",
        "value": "string",
    }],
    timeouts={
        "create": "string",
        "delete": "string",
        "update": "string",
    },
    update_all_workers=False,
    wait_for_worker_update=False,
    wait_till="string",
    webhooks=[{
        "level": "string",
        "type": "string",
        "url": "string",
    }],
    workers_infos=[{
        "id": "string",
        "pool_name": "string",
        "version": "string",
    }])

const containerClusterResource = new ibm.ContainerCluster("containerClusterResource", {
    hardware: "string",
    datacenter: "string",
    patchVersion: "string",
    privateVlanId: "string",
    entitlement: "string",
    forceDeleteStorage: false,
    gatewayEnabled: false,
    defaultPoolSize: 0,
    imageSecurityEnforcement: false,
    kmsConfig: {
        crkId: "string",
        instanceId: "string",
        accountId: "string",
        privateEndpoint: false,
    },
    kubeVersion: "string",
    labels: {
        string: "string",
    },
    machineType: "string",
    name: "string",
    noSubnet: false,
    operatingSystem: "string",
    containerClusterId: "string",
    podSubnet: "string",
    diskEncryption: false,
    publicServiceEndpoint: false,
    privateServiceEndpoint: false,
    publicVlanId: "string",
    resourceGroupId: "string",
    retryPatchVersion: 0,
    serviceSubnet: "string",
    subnetIds: ["string"],
    tags: ["string"],
    taints: [{
        effect: "string",
        key: "string",
        value: "string",
    }],
    timeouts: {
        create: "string",
        "delete": "string",
        update: "string",
    },
    updateAllWorkers: false,
    waitForWorkerUpdate: false,
    waitTill: "string",
    webhooks: [{
        level: "string",
        type: "string",
        url: "string",
    }],
    workersInfos: [{
        id: "string",
        poolName: "string",
        version: "string",
    }],
});

type: ibm:ContainerCluster
properties:
    containerClusterId: string
    datacenter: string
    defaultPoolSize: 0
    diskEncryption: false
    entitlement: string
    forceDeleteStorage: false
    gatewayEnabled: false
    hardware: string
    imageSecurityEnforcement: false
    kmsConfig:
        accountId: string
        crkId: string
        instanceId: string
        privateEndpoint: false
    kubeVersion: string
    labels:
        string: string
    machineType: string
    name: string
    noSubnet: false
    operatingSystem: string
    patchVersion: string
    podSubnet: string
    privateServiceEndpoint: false
    privateVlanId: string
    publicServiceEndpoint: false
    publicVlanId: string
    resourceGroupId: string
    retryPatchVersion: 0
    serviceSubnet: string
    subnetIds:
        - string
    tags:
        - string
    taints:
        - effect: string
          key: string
          value: string
    timeouts:
        create: string
        delete: string
        update: string
    updateAllWorkers: false
    waitForWorkerUpdate: false
    waitTill: string
    webhooks:
        - level: string
          type: string
          url: string
    workersInfos:
        - id: string
          poolName: string
          version: string

ContainerCluster Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ContainerCluster resource accepts the following input properties:

Datacenter string

The datacenter where you want to provision the worker nodes. The zone that you choose must be supported in the region where you want to create the cluster. To find supported zones, run ibmcloud ks zones command line.

Hardware string

The level of hardware isolation for worker nodes in the default worker pool. Use dedicated to have available physical resources dedicated to you only, or shared to allow physical resources to be shared with other IBM customers. This option is available for virtual machine worker node flavors only. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.

ContainerClusterId string

(String) The ID of the worker pool.

DefaultPoolSize double

The number of worker nodes that you want to add to the default worker pool on cluster creation. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.

DiskEncryption bool

If set to true, the disks for the workers in the default worker pool are set up with an AES 256-bit encryption, otherwise they are not encrypted. For more information, see Encrypted disks for worker node. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.

Entitlement string

If you purchased an IBM Cloud Cloud Pak that includes an entitlement to run worker nodes that are installed with OpenShift Container Platform, enter entitlement to create your cluster with that entitlement so that you are not charged twice for the OpenShift license. Note that this option can be set only when you create the cluster. After the cluster is created, the cost for the OpenShift license occurred and you cannot disable this charge. Note

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

ForceDeleteStorage bool

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

GatewayEnabled bool

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

ImageSecurityEnforcement bool

Set to true to enable image security enforcement policies in a cluster.

KmsConfig ContainerClusterKmsConfig

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

KubeVersion string

The Kubernetes or OpenShift version that you want to set up in your cluster. If the version is not specified, the default version in IBM Cloud Kubernetes Service or Red Hat OpenShift on IBM Cloud is used. For example, to specify Kubernetes version 1.16, enter 1.16. For OpenShift clusters, you can specify version 3.11_openshift or 4.3.1_openshift.

Labels Dictionary<string, string>

Labels on all the workers in the default worker pool.

MachineType string

The machine type for the worker nodes in the default worker pool. The machine type determines the amount of memory, CPU, and disk space that is available to the worker node. For an overview of supported machine types, see Planning your worker node setup. You can retrieve the value by executing the ibmcloud ks flavor ls --zone <zone> command in the IBM Cloud CLI. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.

Name string

The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.

NoSubnet bool

If set to true, no portable subnet is created during cluster creation. The portable subnet is used to provide portable IP addresses for the Ingress subdomain and Kubernetes load balancer services. If set to false, a portable subnet is created by default. The default is false.

OperatingSystem string

The operating system of the workers in the default worker pool. For supported options, see Red Hat OpenShift on IBM Cloud version information or IBM Cloud Kubernetes Service version information. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.

PatchVersion string

Updates the worker nodes with the required patch version. The patch_version should be in the format: patch_version_fixpack_version. For more information, about Kubernetes version information and update, see Kubernetes version update. NOTE: To update the patch or fix pack versions of the worker nodes, run the command ibmcloud ks workers -c <cluster_name_or_id> output json. Fetch the required patch & fix pack versions from kubeVersion.target and set the patch_version parameter.

PodSubnet string

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

PrivateServiceEndpoint bool

If set to true, your cluster is set up with a private service endpoint. When the private service endpoint is enabled, communication between the Kubernetes and the worker nodes is established over the private network. If you enable the private service endpoint, you cannot disable it later. To use service endpoints, your account must be enabled for Virtual Routing and Forwarding (VRF). For more information, see Worker-to-master and user-to-master communication: Service endpoints. If set to false, the private service endpoint is disabled and all communication to the Kubernetes master must go through the public network.

PrivateVlanId string

The ID of the private VLAN that you want to use for the worker nodes in your default worker pool. You can retrieve the VLAN ID with the ibmcloud ks vlans --zone <zone> command. * * Standard clusters: If you create a standard cluster and you have an existing private VLAN ID for the zone where you plan to set up worker nodes, you must enter the VLAN ID. To retrieve the ID, run ibmcloud ks vlans --zone <zone>. If you do not have an existing private VLAN ID, do not specify this option. A private VLAN is created automatically for you. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.

PublicServiceEndpoint bool

If set to true, your cluster is set up with a public service endpoint. You can use the public service endpoint to access the Kubernetes master from the public network. To use service endpoints, your account must be enabled for Virtual Routing and Forwarding (VRF). For more information, see Worker-to-master and user-to-master communication: Service endpoints. If set to false, the public service endpoint is disabled for your cluster.

PublicVlanId string

The ID of the public VLAN that you want to use for the worker nodes in the default worker pool. You can retrieve the VLAN ID with the ibmcloud ks vlans --zone <zone> command. * Free clusters: If you create a standard cluster and you have an existing public VLAN ID for the zone where you plan to set up worker nodes, you must enter the VLAN ID. To retrieve the ID, run ibmcloud ks vlans --zone <zone>. If you do not have an existing public VLAN ID, or you want to connect your cluster to a private VLAN only, do not specify this option. Note: The prerequisite for using service endpoints, account must be enabled for Virtual Routing and Forwarding (VRF). Account must be enabled for connectivity to service endpoints. Use the resource ibm.ContainerClusterFeature to update the public_service_endpoint and private_service_endpoint. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.

Region string

The region where the cluster is provisioned. If the region is not specified it will be defaulted to provider region(IC_REGION/IBMCLOUD_REGION). To get the list of supported regions please access this link and use the alias.

Deprecated: Deprecated

ResourceGroupId string

The ID of the resource group where you want to provision your cluster. To retrieve the ID, use the ibm.ResourceGroup data source. If no value is provided, the cluster is automatically provisioned into the default resource group.

RetryPatchVersion double

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

ServiceSubnet string

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

SubnetIds List<string>

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

Tags List<string>

A list of tags that you want to add to your cluster. Tags can help find a cluster more quickly. Note: For users on account to add tags to a resource, they must be assigned the appropriate permissions.

Taints List<ContainerClusterTaint>

A nested block that sets or removes Kubernetes taints for all worker nodes in a worker pool. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.

Nested scheme for taints:

Timeouts ContainerClusterTimeouts

UpdateAllWorkers bool

If set to true, the Kubernetes version of the worker nodes is updated along with the Kubernetes version of the cluster that you specify in kube_version. Note: setting wait_for_worker_update to false is not recommended. This results in upgrading all the worker nodes in the cluster at the same time causing the cluster downtime.

WaitForWorkerUpdate bool

Set to true to wait and update the Kubernetes version of worker nodes. NOTE Setting wait_for_worker_update to false is not recommended. Setting false results in upgrading all the worker nodes in the cluster at the same time causing the cluster downtime.

WaitTill string

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

Webhooks List<ContainerClusterWebhook>

The webhook that you want to add to the cluster. For available options, see the webhook create command.

WorkersInfos List<ContainerClusterWorkersInfo>

The worker nodes that you want to update.

Nested scheme for workers_info:

Datacenter string

Hardware string

ContainerClusterId string

(String) The ID of the worker pool.

DefaultPoolSize float64

DiskEncryption bool

Entitlement string

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

ForceDeleteStorage bool

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

GatewayEnabled bool

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

ImageSecurityEnforcement bool

Set to true to enable image security enforcement policies in a cluster.

KmsConfig ContainerClusterKmsConfigArgs

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

KubeVersion string

Labels map[string]string

Labels on all the workers in the default worker pool.

MachineType string

Name string

NoSubnet bool

OperatingSystem string

PatchVersion string

PodSubnet string

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

PrivateServiceEndpoint bool

PrivateVlanId string

PublicServiceEndpoint bool

PublicVlanId string

Region string

Deprecated: Deprecated

ResourceGroupId string

RetryPatchVersion float64

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

ServiceSubnet string

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

SubnetIds []string

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

Tags []string

Taints []ContainerClusterTaintArgs

Nested scheme for taints:

Timeouts ContainerClusterTimeoutsArgs

UpdateAllWorkers bool

WaitForWorkerUpdate bool

WaitTill string

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

Webhooks []ContainerClusterWebhookArgs

The webhook that you want to add to the cluster. For available options, see the webhook create command.

WorkersInfos []ContainerClusterWorkersInfoArgs

The worker nodes that you want to update.

Nested scheme for workers_info:

datacenter String

hardware String

containerClusterId String

(String) The ID of the worker pool.

defaultPoolSize Double

diskEncryption Boolean

entitlement String

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

forceDeleteStorage Boolean

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

gatewayEnabled Boolean

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

imageSecurityEnforcement Boolean

Set to true to enable image security enforcement policies in a cluster.

kmsConfig ContainerClusterKmsConfig

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

kubeVersion String

labels Map<String,String>

Labels on all the workers in the default worker pool.

machineType String

name String

noSubnet Boolean

operatingSystem String

patchVersion String

podSubnet String

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

privateServiceEndpoint Boolean

privateVlanId String

publicServiceEndpoint Boolean

publicVlanId String

region String

Deprecated: Deprecated

resourceGroupId String

retryPatchVersion Double

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

serviceSubnet String

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

subnetIds List<String>

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

tags List<String>

taints List<ContainerClusterTaint>

Nested scheme for taints:

timeouts ContainerClusterTimeouts

updateAllWorkers Boolean

waitForWorkerUpdate Boolean

waitTill String

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

webhooks List<ContainerClusterWebhook>

The webhook that you want to add to the cluster. For available options, see the webhook create command.

workersInfos List<ContainerClusterWorkersInfo>

The worker nodes that you want to update.

Nested scheme for workers_info:

datacenter string

hardware string

containerClusterId string

(String) The ID of the worker pool.

defaultPoolSize number

diskEncryption boolean

entitlement string

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

forceDeleteStorage boolean

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

gatewayEnabled boolean

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

imageSecurityEnforcement boolean

Set to true to enable image security enforcement policies in a cluster.

kmsConfig ContainerClusterKmsConfig

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

kubeVersion string

labels {[key: string]: string}

Labels on all the workers in the default worker pool.

machineType string

name string

noSubnet boolean

operatingSystem string

patchVersion string

podSubnet string

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

privateServiceEndpoint boolean

privateVlanId string

publicServiceEndpoint boolean

publicVlanId string

region string

Deprecated: Deprecated

resourceGroupId string

retryPatchVersion number

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

serviceSubnet string

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

subnetIds string[]

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

tags string[]

taints ContainerClusterTaint[]

Nested scheme for taints:

timeouts ContainerClusterTimeouts

updateAllWorkers boolean

waitForWorkerUpdate boolean

waitTill string

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

webhooks ContainerClusterWebhook[]

The webhook that you want to add to the cluster. For available options, see the webhook create command.

workersInfos ContainerClusterWorkersInfo[]

The worker nodes that you want to update.

Nested scheme for workers_info:

datacenter str

hardware str

container_cluster_id str

(String) The ID of the worker pool.

default_pool_size float

disk_encryption bool

entitlement str

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

force_delete_storage bool

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

gateway_enabled bool

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

image_security_enforcement bool

Set to true to enable image security enforcement policies in a cluster.

kms_config ContainerClusterKmsConfigArgs

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

kube_version str

labels Mapping[str, str]

Labels on all the workers in the default worker pool.

machine_type str

name str

no_subnet bool

operating_system str

patch_version str

pod_subnet str

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

private_service_endpoint bool

private_vlan_id str

public_service_endpoint bool

public_vlan_id str

region str

Deprecated: Deprecated

resource_group_id str

retry_patch_version float

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

service_subnet str

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

subnet_ids Sequence[str]

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

tags Sequence[str]

taints Sequence[ContainerClusterTaintArgs]

Nested scheme for taints:

timeouts ContainerClusterTimeoutsArgs

update_all_workers bool

wait_for_worker_update bool

wait_till str

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

webhooks Sequence[ContainerClusterWebhookArgs]

The webhook that you want to add to the cluster. For available options, see the webhook create command.

workers_infos Sequence[ContainerClusterWorkersInfoArgs]

The worker nodes that you want to update.

Nested scheme for workers_info:

datacenter String

hardware String

containerClusterId String

(String) The ID of the worker pool.

defaultPoolSize Number

diskEncryption Boolean

entitlement String

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

forceDeleteStorage Boolean

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

gatewayEnabled Boolean

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

imageSecurityEnforcement Boolean

Set to true to enable image security enforcement policies in a cluster.

kmsConfig Property Map

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

kubeVersion String

labels Map<String>

Labels on all the workers in the default worker pool.

machineType String

name String

noSubnet Boolean

operatingSystem String

patchVersion String

podSubnet String

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

privateServiceEndpoint Boolean

privateVlanId String

publicServiceEndpoint Boolean

publicVlanId String

region String

Deprecated: Deprecated

resourceGroupId String

retryPatchVersion Number

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

serviceSubnet String

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

subnetIds List<String>

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

tags List<String>

taints List<Property Map>

Nested scheme for taints:

timeouts Property Map

updateAllWorkers Boolean

waitForWorkerUpdate Boolean

waitTill String

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

webhooks List<Property Map>

The webhook that you want to add to the cluster. For available options, see the webhook create command.

workersInfos List<Property Map>

The worker nodes that you want to update.

Nested scheme for workers_info:

Outputs

All input properties are implicitly available as output properties. Additionally, the ContainerCluster resource produces the following output properties:

Albs List<ContainerClusterAlb>: (List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.
Crn string: (String) The CRN of the cluster.
Id string: The provider-assigned unique ID for this managed resource.
IngressHostname string: (String) The Ingress host name.
IngressSecret string: (String) The name of the Ingress secret.
PrivateServiceEndpointUrl string: (String) The URL of the private service endpoint for your cluster.
PublicServiceEndpointUrl string: (String) The URL of the public service endpoint for your cluster.
ResourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster
ResourceCrn string: The crn of the resource
ResourceGroupName string: The resource group name in which resource is provisioned
ResourceName string: The name of the resource
ResourceStatus string: The status of the resource
ServerUrl string: (String) The server URL.
WorkerPools List<ContainerClusterWorkerPool>: List of objects - A list of worker pools that exist in the cluster.

Albs []ContainerClusterAlb: (List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.
Crn string: (String) The CRN of the cluster.
Id string: The provider-assigned unique ID for this managed resource.
IngressHostname string: (String) The Ingress host name.
IngressSecret string: (String) The name of the Ingress secret.
PrivateServiceEndpointUrl string: (String) The URL of the private service endpoint for your cluster.
PublicServiceEndpointUrl string: (String) The URL of the public service endpoint for your cluster.
ResourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster
ResourceCrn string: The crn of the resource
ResourceGroupName string: The resource group name in which resource is provisioned
ResourceName string: The name of the resource
ResourceStatus string: The status of the resource
ServerUrl string: (String) The server URL.
WorkerPools []ContainerClusterWorkerPool: List of objects - A list of worker pools that exist in the cluster.

albs List<ContainerClusterAlb>: (List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.
crn String: (String) The CRN of the cluster.
id String: The provider-assigned unique ID for this managed resource.
ingressHostname String: (String) The Ingress host name.
ingressSecret String: (String) The name of the Ingress secret.
privateServiceEndpointUrl String: (String) The URL of the private service endpoint for your cluster.
publicServiceEndpointUrl String: (String) The URL of the public service endpoint for your cluster.
resourceControllerUrl String: The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster
resourceCrn String: The crn of the resource
resourceGroupName String: The resource group name in which resource is provisioned
resourceName String: The name of the resource
resourceStatus String: The status of the resource
serverUrl String: (String) The server URL.
workerPools List<ContainerClusterWorkerPool>: List of objects - A list of worker pools that exist in the cluster.

albs ContainerClusterAlb[]: (List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.
crn string: (String) The CRN of the cluster.
id string: The provider-assigned unique ID for this managed resource.
ingressHostname string: (String) The Ingress host name.
ingressSecret string: (String) The name of the Ingress secret.
privateServiceEndpointUrl string: (String) The URL of the private service endpoint for your cluster.
publicServiceEndpointUrl string: (String) The URL of the public service endpoint for your cluster.
resourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster
resourceCrn string: The crn of the resource
resourceGroupName string: The resource group name in which resource is provisioned
resourceName string: The name of the resource
resourceStatus string: The status of the resource
serverUrl string: (String) The server URL.
workerPools ContainerClusterWorkerPool[]: List of objects - A list of worker pools that exist in the cluster.

albs Sequence[ContainerClusterAlb]: (List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.
crn str: (String) The CRN of the cluster.
id str: The provider-assigned unique ID for this managed resource.
ingress_hostname str: (String) The Ingress host name.
ingress_secret str: (String) The name of the Ingress secret.
private_service_endpoint_url str: (String) The URL of the private service endpoint for your cluster.
public_service_endpoint_url str: (String) The URL of the public service endpoint for your cluster.
resource_controller_url str: The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster
resource_crn str: The crn of the resource
resource_group_name str: The resource group name in which resource is provisioned
resource_name str: The name of the resource
resource_status str: The status of the resource
server_url str: (String) The server URL.
worker_pools Sequence[ContainerClusterWorkerPool]: List of objects - A list of worker pools that exist in the cluster.

albs List<Property Map>: (List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.
crn String: (String) The CRN of the cluster.
id String: The provider-assigned unique ID for this managed resource.
ingressHostname String: (String) The Ingress host name.
ingressSecret String: (String) The name of the Ingress secret.
privateServiceEndpointUrl String: (String) The URL of the private service endpoint for your cluster.
publicServiceEndpointUrl String: (String) The URL of the public service endpoint for your cluster.
resourceControllerUrl String: The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster
resourceCrn String: The crn of the resource
resourceGroupName String: The resource group name in which resource is provisioned
resourceName String: The name of the resource
resourceStatus String: The status of the resource
serverUrl String: (String) The server URL.
workerPools List<Property Map>: List of objects - A list of worker pools that exist in the cluster.

Look up Existing ContainerCluster Resource

Get an existing ContainerCluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ContainerClusterState, opts?: CustomResourceOptions): ContainerCluster

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        albs: Optional[Sequence[ContainerClusterAlbArgs]] = None,
        container_cluster_id: Optional[str] = None,
        crn: Optional[str] = None,
        datacenter: Optional[str] = None,
        default_pool_size: Optional[float] = None,
        disk_encryption: Optional[bool] = None,
        entitlement: Optional[str] = None,
        force_delete_storage: Optional[bool] = None,
        gateway_enabled: Optional[bool] = None,
        hardware: Optional[str] = None,
        image_security_enforcement: Optional[bool] = None,
        ingress_hostname: Optional[str] = None,
        ingress_secret: Optional[str] = None,
        kms_config: Optional[ContainerClusterKmsConfigArgs] = None,
        kube_version: Optional[str] = None,
        labels: Optional[Mapping[str, str]] = None,
        machine_type: Optional[str] = None,
        name: Optional[str] = None,
        no_subnet: Optional[bool] = None,
        operating_system: Optional[str] = None,
        patch_version: Optional[str] = None,
        pod_subnet: Optional[str] = None,
        private_service_endpoint: Optional[bool] = None,
        private_service_endpoint_url: Optional[str] = None,
        private_vlan_id: Optional[str] = None,
        public_service_endpoint: Optional[bool] = None,
        public_service_endpoint_url: Optional[str] = None,
        public_vlan_id: Optional[str] = None,
        region: Optional[str] = None,
        resource_controller_url: Optional[str] = None,
        resource_crn: Optional[str] = None,
        resource_group_id: Optional[str] = None,
        resource_group_name: Optional[str] = None,
        resource_name: Optional[str] = None,
        resource_status: Optional[str] = None,
        retry_patch_version: Optional[float] = None,
        server_url: Optional[str] = None,
        service_subnet: Optional[str] = None,
        subnet_ids: Optional[Sequence[str]] = None,
        tags: Optional[Sequence[str]] = None,
        taints: Optional[Sequence[ContainerClusterTaintArgs]] = None,
        timeouts: Optional[ContainerClusterTimeoutsArgs] = None,
        update_all_workers: Optional[bool] = None,
        wait_for_worker_update: Optional[bool] = None,
        wait_till: Optional[str] = None,
        webhooks: Optional[Sequence[ContainerClusterWebhookArgs]] = None,
        worker_pools: Optional[Sequence[ContainerClusterWorkerPoolArgs]] = None,
        workers_infos: Optional[Sequence[ContainerClusterWorkersInfoArgs]] = None) -> ContainerCluster

func GetContainerCluster(ctx *Context, name string, id IDInput, state *ContainerClusterState, opts ...ResourceOption) (*ContainerCluster, error)

public static ContainerCluster Get(string name, Input<string> id, ContainerClusterState? state, CustomResourceOptions? opts = null)

public static ContainerCluster get(String name, Output<String> id, ContainerClusterState state, CustomResourceOptions options)

resources:  _:    type: ibm:ContainerCluster    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Albs List<ContainerClusterAlb>

(List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.

ContainerClusterId string

(String) The ID of the worker pool.

Crn string

(String) The CRN of the cluster.

Datacenter string

DefaultPoolSize double

DiskEncryption bool

Entitlement string

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

ForceDeleteStorage bool

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

GatewayEnabled bool

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

Hardware string

ImageSecurityEnforcement bool

Set to true to enable image security enforcement policies in a cluster.

IngressHostname string

(String) The Ingress host name.

IngressSecret string

(String) The name of the Ingress secret.

KmsConfig ContainerClusterKmsConfig

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

KubeVersion string

Labels Dictionary<string, string>

Labels on all the workers in the default worker pool.

MachineType string

Name string

NoSubnet bool

OperatingSystem string

PatchVersion string

PodSubnet string

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

PrivateServiceEndpoint bool

PrivateServiceEndpointUrl string

(String) The URL of the private service endpoint for your cluster.

PrivateVlanId string

PublicServiceEndpoint bool

PublicServiceEndpointUrl string

(String) The URL of the public service endpoint for your cluster.

PublicVlanId string

Region string

Deprecated: Deprecated

ResourceControllerUrl string

The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster

ResourceCrn string

The crn of the resource

ResourceGroupId string

ResourceGroupName string

The resource group name in which resource is provisioned

ResourceName string

The name of the resource

ResourceStatus string

The status of the resource

RetryPatchVersion double

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

ServerUrl string

(String) The server URL.

ServiceSubnet string

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

SubnetIds List<string>

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

Tags List<string>

Taints List<ContainerClusterTaint>

Nested scheme for taints:

Timeouts ContainerClusterTimeouts

UpdateAllWorkers bool

WaitForWorkerUpdate bool

WaitTill string

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

Webhooks List<ContainerClusterWebhook>

The webhook that you want to add to the cluster. For available options, see the webhook create command.

WorkerPools List<ContainerClusterWorkerPool>

List of objects - A list of worker pools that exist in the cluster.

WorkersInfos List<ContainerClusterWorkersInfo>

The worker nodes that you want to update.

Nested scheme for workers_info:

Albs []ContainerClusterAlbArgs

(List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.

ContainerClusterId string

(String) The ID of the worker pool.

Crn string

(String) The CRN of the cluster.

Datacenter string

DefaultPoolSize float64

DiskEncryption bool

Entitlement string

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

ForceDeleteStorage bool

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

GatewayEnabled bool

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

Hardware string

ImageSecurityEnforcement bool

Set to true to enable image security enforcement policies in a cluster.

IngressHostname string

(String) The Ingress host name.

IngressSecret string

(String) The name of the Ingress secret.

KmsConfig ContainerClusterKmsConfigArgs

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

KubeVersion string

Labels map[string]string

Labels on all the workers in the default worker pool.

MachineType string

Name string

NoSubnet bool

OperatingSystem string

PatchVersion string

PodSubnet string

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

PrivateServiceEndpoint bool

PrivateServiceEndpointUrl string

(String) The URL of the private service endpoint for your cluster.

PrivateVlanId string

PublicServiceEndpoint bool

PublicServiceEndpointUrl string

(String) The URL of the public service endpoint for your cluster.

PublicVlanId string

Region string

Deprecated: Deprecated

ResourceControllerUrl string

The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster

ResourceCrn string

The crn of the resource

ResourceGroupId string

ResourceGroupName string

The resource group name in which resource is provisioned

ResourceName string

The name of the resource

ResourceStatus string

The status of the resource

RetryPatchVersion float64

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

ServerUrl string

(String) The server URL.

ServiceSubnet string

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

SubnetIds []string

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

Tags []string

Taints []ContainerClusterTaintArgs

Nested scheme for taints:

Timeouts ContainerClusterTimeoutsArgs

UpdateAllWorkers bool

WaitForWorkerUpdate bool

WaitTill string

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

Webhooks []ContainerClusterWebhookArgs

The webhook that you want to add to the cluster. For available options, see the webhook create command.

WorkerPools []ContainerClusterWorkerPoolArgs

List of objects - A list of worker pools that exist in the cluster.

WorkersInfos []ContainerClusterWorkersInfoArgs

The worker nodes that you want to update.

Nested scheme for workers_info:

albs List<ContainerClusterAlb>

(List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.

containerClusterId String

(String) The ID of the worker pool.

crn String

(String) The CRN of the cluster.

datacenter String

defaultPoolSize Double

diskEncryption Boolean

entitlement String

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

forceDeleteStorage Boolean

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

gatewayEnabled Boolean

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

hardware String

imageSecurityEnforcement Boolean

Set to true to enable image security enforcement policies in a cluster.

ingressHostname String

(String) The Ingress host name.

ingressSecret String

(String) The name of the Ingress secret.

kmsConfig ContainerClusterKmsConfig

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

kubeVersion String

labels Map<String,String>

Labels on all the workers in the default worker pool.

machineType String

name String

noSubnet Boolean

operatingSystem String

patchVersion String

podSubnet String

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

privateServiceEndpoint Boolean

privateServiceEndpointUrl String

(String) The URL of the private service endpoint for your cluster.

privateVlanId String

publicServiceEndpoint Boolean

publicServiceEndpointUrl String

(String) The URL of the public service endpoint for your cluster.

publicVlanId String

region String

Deprecated: Deprecated

resourceControllerUrl String

The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster

resourceCrn String

The crn of the resource

resourceGroupId String

resourceGroupName String

The resource group name in which resource is provisioned

resourceName String

The name of the resource

resourceStatus String

The status of the resource

retryPatchVersion Double

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

serverUrl String

(String) The server URL.

serviceSubnet String

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

subnetIds List<String>

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

tags List<String>

taints List<ContainerClusterTaint>

Nested scheme for taints:

timeouts ContainerClusterTimeouts

updateAllWorkers Boolean

waitForWorkerUpdate Boolean

waitTill String

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

webhooks List<ContainerClusterWebhook>

The webhook that you want to add to the cluster. For available options, see the webhook create command.

workerPools List<ContainerClusterWorkerPool>

List of objects - A list of worker pools that exist in the cluster.

workersInfos List<ContainerClusterWorkersInfo>

The worker nodes that you want to update.

Nested scheme for workers_info:

albs ContainerClusterAlb[]

(List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.

containerClusterId string

(String) The ID of the worker pool.

crn string

(String) The CRN of the cluster.

datacenter string

defaultPoolSize number

diskEncryption boolean

entitlement string

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

forceDeleteStorage boolean

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

gatewayEnabled boolean

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

hardware string

imageSecurityEnforcement boolean

Set to true to enable image security enforcement policies in a cluster.

ingressHostname string

(String) The Ingress host name.

ingressSecret string

(String) The name of the Ingress secret.

kmsConfig ContainerClusterKmsConfig

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

kubeVersion string

labels {[key: string]: string}

Labels on all the workers in the default worker pool.

machineType string

name string

noSubnet boolean

operatingSystem string

patchVersion string

podSubnet string

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

privateServiceEndpoint boolean

privateServiceEndpointUrl string

(String) The URL of the private service endpoint for your cluster.

privateVlanId string

publicServiceEndpoint boolean

publicServiceEndpointUrl string

(String) The URL of the public service endpoint for your cluster.

publicVlanId string

region string

Deprecated: Deprecated

resourceControllerUrl string

The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster

resourceCrn string

The crn of the resource

resourceGroupId string

resourceGroupName string

The resource group name in which resource is provisioned

resourceName string

The name of the resource

resourceStatus string

The status of the resource

retryPatchVersion number

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

serverUrl string

(String) The server URL.

serviceSubnet string

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

subnetIds string[]

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

tags string[]

taints ContainerClusterTaint[]

Nested scheme for taints:

timeouts ContainerClusterTimeouts

updateAllWorkers boolean

waitForWorkerUpdate boolean

waitTill string

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

webhooks ContainerClusterWebhook[]

The webhook that you want to add to the cluster. For available options, see the webhook create command.

workerPools ContainerClusterWorkerPool[]

List of objects - A list of worker pools that exist in the cluster.

workersInfos ContainerClusterWorkersInfo[]

The worker nodes that you want to update.

Nested scheme for workers_info:

albs Sequence[ContainerClusterAlbArgs]

(List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.

container_cluster_id str

(String) The ID of the worker pool.

crn str

(String) The CRN of the cluster.

datacenter str

default_pool_size float

disk_encryption bool

entitlement str

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

force_delete_storage bool

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

gateway_enabled bool

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

hardware str

image_security_enforcement bool

Set to true to enable image security enforcement policies in a cluster.

ingress_hostname str

(String) The Ingress host name.

ingress_secret str

(String) The name of the Ingress secret.

kms_config ContainerClusterKmsConfigArgs

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

kube_version str

labels Mapping[str, str]

Labels on all the workers in the default worker pool.

machine_type str

name str

no_subnet bool

operating_system str

patch_version str

pod_subnet str

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

private_service_endpoint bool

private_service_endpoint_url str

(String) The URL of the private service endpoint for your cluster.

private_vlan_id str

public_service_endpoint bool

public_service_endpoint_url str

(String) The URL of the public service endpoint for your cluster.

public_vlan_id str

region str

Deprecated: Deprecated

resource_controller_url str

The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster

resource_crn str

The crn of the resource

resource_group_id str

resource_group_name str

The resource group name in which resource is provisioned

resource_name str

The name of the resource

resource_status str

The status of the resource

retry_patch_version float

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

server_url str

(String) The server URL.

service_subnet str

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

subnet_ids Sequence[str]

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

tags Sequence[str]

taints Sequence[ContainerClusterTaintArgs]

Nested scheme for taints:

timeouts ContainerClusterTimeoutsArgs

update_all_workers bool

wait_for_worker_update bool

wait_till str

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

webhooks Sequence[ContainerClusterWebhookArgs]

The webhook that you want to add to the cluster. For available options, see the webhook create command.

worker_pools Sequence[ContainerClusterWorkerPoolArgs]

List of objects - A list of worker pools that exist in the cluster.

workers_infos Sequence[ContainerClusterWorkersInfoArgs]

The worker nodes that you want to update.

Nested scheme for workers_info:

albs List<Property Map>

(List of objects) A list of Ingress application load balancers (ALBs) that are attached to the cluster.

containerClusterId String

(String) The ID of the worker pool.

crn String

(String) The CRN of the cluster.

datacenter String

defaultPoolSize Number

diskEncryption Boolean

entitlement String

Set only for the first time creation of the cluster, modification do not have any impacts.
Set this argument to cloud_pak only if you use this cluster with a Cloud Pak that has an OpenShift entitlement.

forceDeleteStorage Boolean

Force the removal of a cluster and its persistent storage. Deleted data cannot be recovered

gatewayEnabled Boolean

Set to true if you want to automatically create a gateway-enabled cluster. If gateway_enabled is set to true, then private_service_endpoint must be set to true at the same time.

hardware String

imageSecurityEnforcement Boolean

Set to true to enable image security enforcement policies in a cluster.

ingressHostname String

(String) The Ingress host name.

ingressSecret String

(String) The name of the Ingress secret.

kmsConfig Property Map

Used to attach a Key Protect instance to a cluster. Nested kms_config block has an instance_id, crk_id, private_endpoint and account_id.

Nested scheme for kms_config:

kubeVersion String

labels Map<String>

Labels on all the workers in the default worker pool.

machineType String

name String

noSubnet Boolean

operatingSystem String

patchVersion String

podSubnet String

Specify a custom subnet CIDR to provide private IP addresses for pods. The subnet must be at least /23 or more. For more information, refer to Pod subnet.Yes-

privateServiceEndpoint Boolean

privateServiceEndpointUrl String

(String) The URL of the private service endpoint for your cluster.

privateVlanId String

publicServiceEndpoint Boolean

publicServiceEndpointUrl String

(String) The URL of the public service endpoint for your cluster.

publicVlanId String

region String

Deprecated: Deprecated

resourceControllerUrl String

The URL of the IBM Cloud dashboard that can be used to explore and view details about this cluster

resourceCrn String

The crn of the resource

resourceGroupId String

resourceGroupName String

The resource group name in which resource is provisioned

resourceName String

The name of the resource

resourceStatus String

The status of the resource

retryPatchVersion Number

This argument retries the update of patch_version if the previous update fails. Increment the value to retry the update of patch_version on worker nodes.

serverUrl String

(String) The server URL.

serviceSubnet String

Specify a custom subnet CIDR to provide private IP addresses for services. The subnet should be at least /24 or more. For more information, refer to Subnet service.

subnetIds List<String>

The ID of an existing subnet that you want to use for your worker nodes. To find existing subnets, run ibmcloud ks subnets.

tags List<String>

taints List<Property Map>

Nested scheme for taints:

timeouts Property Map

updateAllWorkers Boolean

waitForWorkerUpdate Boolean

waitTill String

wait_till can be configured for Master Ready, One worker Ready, Ingress Ready or Normal

webhooks List<Property Map>

The webhook that you want to add to the cluster. For available options, see the webhook create command.

workerPools List<Property Map>

List of objects - A list of worker pools that exist in the cluster.

workersInfos List<Property Map>

The worker nodes that you want to update.

Nested scheme for workers_info:

Supporting Types

ContainerClusterAlb, ContainerClusterAlbArgs

AlbIp string: (String) The virtual IP address that you want to use for your application load balancer (ALB). Currently supported only for private application load balancer (ALB).
AlbType string: (String) The type of ALB. Supported values are public and private.
DisableDeployment bool: (Bool) Indicate whether to disable deployment only on disable application load balancer (ALB).
Enable bool: (Bool) Indicates if the ALB is enabled (true) or disabled (false) in the cluster.
Id string: (String) The ID of the worker pool.
Name string: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
NumOfInstances string: (Integer) The number of ALB replicas.
Resize bool: (Bool) Indicate whether resizing should be done.
State string: (String) The state of the worker pool.

AlbIp string: (String) The virtual IP address that you want to use for your application load balancer (ALB). Currently supported only for private application load balancer (ALB).
AlbType string: (String) The type of ALB. Supported values are public and private.
DisableDeployment bool: (Bool) Indicate whether to disable deployment only on disable application load balancer (ALB).
Enable bool: (Bool) Indicates if the ALB is enabled (true) or disabled (false) in the cluster.
Id string: (String) The ID of the worker pool.
Name string: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
NumOfInstances string: (Integer) The number of ALB replicas.
Resize bool: (Bool) Indicate whether resizing should be done.
State string: (String) The state of the worker pool.

albIp String: (String) The virtual IP address that you want to use for your application load balancer (ALB). Currently supported only for private application load balancer (ALB).
albType String: (String) The type of ALB. Supported values are public and private.
disableDeployment Boolean: (Bool) Indicate whether to disable deployment only on disable application load balancer (ALB).
enable Boolean: (Bool) Indicates if the ALB is enabled (true) or disabled (false) in the cluster.
id String: (String) The ID of the worker pool.
name String: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
numOfInstances String: (Integer) The number of ALB replicas.
resize Boolean: (Bool) Indicate whether resizing should be done.
state String: (String) The state of the worker pool.

albIp string: (String) The virtual IP address that you want to use for your application load balancer (ALB). Currently supported only for private application load balancer (ALB).
albType string: (String) The type of ALB. Supported values are public and private.
disableDeployment boolean: (Bool) Indicate whether to disable deployment only on disable application load balancer (ALB).
enable boolean: (Bool) Indicates if the ALB is enabled (true) or disabled (false) in the cluster.
id string: (String) The ID of the worker pool.
name string: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
numOfInstances string: (Integer) The number of ALB replicas.
resize boolean: (Bool) Indicate whether resizing should be done.
state string: (String) The state of the worker pool.

alb_ip str: (String) The virtual IP address that you want to use for your application load balancer (ALB). Currently supported only for private application load balancer (ALB).
alb_type str: (String) The type of ALB. Supported values are public and private.
disable_deployment bool: (Bool) Indicate whether to disable deployment only on disable application load balancer (ALB).
enable bool: (Bool) Indicates if the ALB is enabled (true) or disabled (false) in the cluster.
id str: (String) The ID of the worker pool.
name str: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
num_of_instances str: (Integer) The number of ALB replicas.
resize bool: (Bool) Indicate whether resizing should be done.
state str: (String) The state of the worker pool.

albIp String: (String) The virtual IP address that you want to use for your application load balancer (ALB). Currently supported only for private application load balancer (ALB).
albType String: (String) The type of ALB. Supported values are public and private.
disableDeployment Boolean: (Bool) Indicate whether to disable deployment only on disable application load balancer (ALB).
enable Boolean: (Bool) Indicates if the ALB is enabled (true) or disabled (false) in the cluster.
id String: (String) The ID of the worker pool.
name String: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
numOfInstances String: (Integer) The number of ALB replicas.
resize Boolean: (Bool) Indicate whether resizing should be done.
state String: (String) The state of the worker pool.

ContainerClusterKmsConfig, ContainerClusterKmsConfigArgs

CrkId string: The ID of the customer root key (CRK).
InstanceId string: The GUID of the Key Protect instance.
AccountId string: Account ID of KMS instance holder - if not provided, defaults to the account in use.
PrivateEndpoint bool: Set to true to configure the KMS private service endpoint. Default value is false.

CrkId string: The ID of the customer root key (CRK).
InstanceId string: The GUID of the Key Protect instance.
AccountId string: Account ID of KMS instance holder - if not provided, defaults to the account in use.
PrivateEndpoint bool: Set to true to configure the KMS private service endpoint. Default value is false.

crkId String: The ID of the customer root key (CRK).
instanceId String: The GUID of the Key Protect instance.
accountId String: Account ID of KMS instance holder - if not provided, defaults to the account in use.
privateEndpoint Boolean: Set to true to configure the KMS private service endpoint. Default value is false.

crkId string: The ID of the customer root key (CRK).
instanceId string: The GUID of the Key Protect instance.
accountId string: Account ID of KMS instance holder - if not provided, defaults to the account in use.
privateEndpoint boolean: Set to true to configure the KMS private service endpoint. Default value is false.

crk_id str: The ID of the customer root key (CRK).
instance_id str: The GUID of the Key Protect instance.
account_id str: Account ID of KMS instance holder - if not provided, defaults to the account in use.
private_endpoint bool: Set to true to configure the KMS private service endpoint. Default value is false.

crkId String: The ID of the customer root key (CRK).
instanceId String: The GUID of the Key Protect instance.
accountId String: Account ID of KMS instance holder - if not provided, defaults to the account in use.
privateEndpoint Boolean: Set to true to configure the KMS private service endpoint. Default value is false.

ContainerClusterTaint, ContainerClusterTaintArgs

Effect string: Effect for taint. Accepted values are NoSchedule, PreferNoSchedule, and NoExecute.
Key string: Key for taint.
Value string: Value for taint.

Effect string: Effect for taint. Accepted values are NoSchedule, PreferNoSchedule, and NoExecute.
Key string: Key for taint.
Value string: Value for taint.

effect String: Effect for taint. Accepted values are NoSchedule, PreferNoSchedule, and NoExecute.
key String: Key for taint.
value String: Value for taint.

effect string: Effect for taint. Accepted values are NoSchedule, PreferNoSchedule, and NoExecute.
key string: Key for taint.
value string: Value for taint.

effect str: Effect for taint. Accepted values are NoSchedule, PreferNoSchedule, and NoExecute.
key str: Key for taint.
value str: Value for taint.

effect String: Effect for taint. Accepted values are NoSchedule, PreferNoSchedule, and NoExecute.
key String: Key for taint.
value String: Value for taint.

ContainerClusterTimeouts, ContainerClusterTimeoutsArgs

Create string
Delete string
Update string

Create string
Delete string
Update string

create String
delete String
update String

create string
delete string
update string

create str
delete str
update str

create String
delete String
update String

ContainerClusterWebhook, ContainerClusterWebhookArgs

Level string
Type string
Url string

Level string
Type string
Url string

level String
type String
url String

level string
type string
url string

level str
type str
url str

level String
type String
url String

ContainerClusterWorkerPool, ContainerClusterWorkerPoolArgs

Hardware string: The level of hardware isolation for worker nodes in the default worker pool. Use dedicated to have available physical resources dedicated to you only, or shared to allow physical resources to be shared with other IBM customers. This option is available for virtual machine worker node flavors only. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
Id string: (String) The ID of the worker pool.
Labels Dictionary<string, string>: Labels on all the workers in the default worker pool.
MachineType string: The machine type for the worker nodes in the default worker pool. The machine type determines the amount of memory, CPU, and disk space that is available to the worker node. For an overview of supported machine types, see Planning your worker node setup. You can retrieve the value by executing the ibmcloud ks flavor ls --zone <zone> command in the IBM Cloud CLI. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
Name string: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
SizePerZone double: (Integer) The number of worker nodes per zone.
State string: (String) The state of the worker pool.
Zones List<ContainerClusterWorkerPoolZone>: List of objects - A list of zones that are attached to the worker pool.

Hardware string: The level of hardware isolation for worker nodes in the default worker pool. Use dedicated to have available physical resources dedicated to you only, or shared to allow physical resources to be shared with other IBM customers. This option is available for virtual machine worker node flavors only. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
Id string: (String) The ID of the worker pool.
Labels map[string]string: Labels on all the workers in the default worker pool.
MachineType string: The machine type for the worker nodes in the default worker pool. The machine type determines the amount of memory, CPU, and disk space that is available to the worker node. For an overview of supported machine types, see Planning your worker node setup. You can retrieve the value by executing the ibmcloud ks flavor ls --zone <zone> command in the IBM Cloud CLI. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
Name string: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
SizePerZone float64: (Integer) The number of worker nodes per zone.
State string: (String) The state of the worker pool.
Zones []ContainerClusterWorkerPoolZone: List of objects - A list of zones that are attached to the worker pool.

hardware String: The level of hardware isolation for worker nodes in the default worker pool. Use dedicated to have available physical resources dedicated to you only, or shared to allow physical resources to be shared with other IBM customers. This option is available for virtual machine worker node flavors only. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
id String: (String) The ID of the worker pool.
labels Map<String,String>: Labels on all the workers in the default worker pool.
machineType String: The machine type for the worker nodes in the default worker pool. The machine type determines the amount of memory, CPU, and disk space that is available to the worker node. For an overview of supported machine types, see Planning your worker node setup. You can retrieve the value by executing the ibmcloud ks flavor ls --zone <zone> command in the IBM Cloud CLI. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
name String: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
sizePerZone Double: (Integer) The number of worker nodes per zone.
state String: (String) The state of the worker pool.
zones List<ContainerClusterWorkerPoolZone>: List of objects - A list of zones that are attached to the worker pool.

hardware string: The level of hardware isolation for worker nodes in the default worker pool. Use dedicated to have available physical resources dedicated to you only, or shared to allow physical resources to be shared with other IBM customers. This option is available for virtual machine worker node flavors only. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
id string: (String) The ID of the worker pool.
labels {[key: string]: string}: Labels on all the workers in the default worker pool.
machineType string: The machine type for the worker nodes in the default worker pool. The machine type determines the amount of memory, CPU, and disk space that is available to the worker node. For an overview of supported machine types, see Planning your worker node setup. You can retrieve the value by executing the ibmcloud ks flavor ls --zone <zone> command in the IBM Cloud CLI. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
name string: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
sizePerZone number: (Integer) The number of worker nodes per zone.
state string: (String) The state of the worker pool.
zones ContainerClusterWorkerPoolZone[]: List of objects - A list of zones that are attached to the worker pool.

hardware str: The level of hardware isolation for worker nodes in the default worker pool. Use dedicated to have available physical resources dedicated to you only, or shared to allow physical resources to be shared with other IBM customers. This option is available for virtual machine worker node flavors only. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
id str: (String) The ID of the worker pool.
labels Mapping[str, str]: Labels on all the workers in the default worker pool.
machine_type str: The machine type for the worker nodes in the default worker pool. The machine type determines the amount of memory, CPU, and disk space that is available to the worker node. For an overview of supported machine types, see Planning your worker node setup. You can retrieve the value by executing the ibmcloud ks flavor ls --zone <zone> command in the IBM Cloud CLI. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
name str: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
size_per_zone float: (Integer) The number of worker nodes per zone.
state str: (String) The state of the worker pool.
zones Sequence[ContainerClusterWorkerPoolZone]: List of objects - A list of zones that are attached to the worker pool.

hardware String: The level of hardware isolation for worker nodes in the default worker pool. Use dedicated to have available physical resources dedicated to you only, or shared to allow physical resources to be shared with other IBM customers. This option is available for virtual machine worker node flavors only. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
id String: (String) The ID of the worker pool.
labels Map<String>: Labels on all the workers in the default worker pool.
machineType String: The machine type for the worker nodes in the default worker pool. The machine type determines the amount of memory, CPU, and disk space that is available to the worker node. For an overview of supported machine types, see Planning your worker node setup. You can retrieve the value by executing the ibmcloud ks flavor ls --zone <zone> command in the IBM Cloud CLI. This field only affects cluster creation, to manage the default worker pool, create a dedicated worker pool resource.
name String: The name of the cluster. The name must start with a letter, can contain letters, numbers, and hyphen (-), and must be 35 characters or fewer. Use a name that is unique across regions. The cluster name and the region in which the cluster is deployed form the fully qualified domain name for the Ingress subdomain. To ensure that the Ingress subdomain is unique within a region, the cluster name might be truncated and appended with a random value within the Ingress domain name.
sizePerZone Number: (Integer) The number of worker nodes per zone.
state String: (String) The state of the worker pool.
zones List<Property Map>: List of objects - A list of zones that are attached to the worker pool.

ContainerClusterWorkerPoolZone, ContainerClusterWorkerPoolZoneArgs

PrivateVlan string: (String) The ID of the private VLAN that is used in that zone.
PublicVlan string: (String) The ID of the private VLAN that is used in that zone.
WorkerCount double: (Integer) The number of worker nodes that are attached to the zone.
Zone string: (String) The name of the zone.

PrivateVlan string: (String) The ID of the private VLAN that is used in that zone.
PublicVlan string: (String) The ID of the private VLAN that is used in that zone.
WorkerCount float64: (Integer) The number of worker nodes that are attached to the zone.
Zone string: (String) The name of the zone.

privateVlan String: (String) The ID of the private VLAN that is used in that zone.
publicVlan String: (String) The ID of the private VLAN that is used in that zone.
workerCount Double: (Integer) The number of worker nodes that are attached to the zone.
zone String: (String) The name of the zone.

privateVlan string: (String) The ID of the private VLAN that is used in that zone.
publicVlan string: (String) The ID of the private VLAN that is used in that zone.
workerCount number: (Integer) The number of worker nodes that are attached to the zone.
zone string: (String) The name of the zone.

private_vlan str: (String) The ID of the private VLAN that is used in that zone.
public_vlan str: (String) The ID of the private VLAN that is used in that zone.
worker_count float: (Integer) The number of worker nodes that are attached to the zone.
zone str: (String) The name of the zone.

privateVlan String: (String) The ID of the private VLAN that is used in that zone.
publicVlan String: (String) The ID of the private VLAN that is used in that zone.
workerCount Number: (Integer) The number of worker nodes that are attached to the zone.
zone String: (String) The name of the zone.

ContainerClusterWorkersInfo, ContainerClusterWorkersInfoArgs

Id string: The ID of the worker node that you want to update.
PoolName string: (String) The name of the worker pool the worker node belongs to.
Version string: The Kubernetes version that you want to update your worker nodes to.

Id string: The ID of the worker node that you want to update.
PoolName string: (String) The name of the worker pool the worker node belongs to.
Version string: The Kubernetes version that you want to update your worker nodes to.

id String: The ID of the worker node that you want to update.
poolName String: (String) The name of the worker pool the worker node belongs to.
version String: The Kubernetes version that you want to update your worker nodes to.

id string: The ID of the worker node that you want to update.
poolName string: (String) The name of the worker pool the worker node belongs to.
version string: The Kubernetes version that you want to update your worker nodes to.

id str: The ID of the worker node that you want to update.
pool_name str: (String) The name of the worker pool the worker node belongs to.
version str: The Kubernetes version that you want to update your worker nodes to.

id String: The ID of the worker node that you want to update.
poolName String: (String) The name of the worker pool the worker node belongs to.
version String: The Kubernetes version that you want to update your worker nodes to.

Import

The ibm_container_cluster can be imported by using cluster_id.

Syntax

$ pulumi import ibm:index/containerCluster:ContainerCluster example <cluster_id>

Example

$ pulumi import ibm:index/containerCluster:ContainerCluster example c1di75fd0qpn1amo5hng

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: ibm ibm-cloud/terraform-provider-ibm
License
Notes: This Pulumi package is based on the ibm Terraform Provider.

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

ibm.ContainerCluster

On this page

On this page

Example Usage

Classic IBM Cloud Kubernetes Service cluster

Create the Kubernetes cluster with a default worker pool with 2 workers and one standalone worker as mentioned by worker_num:

Create a Gateway enabled Kubernetes cluster:

Create a kms enabled Kubernetes cluster:

Create the Openshift Cluster with default worker pool entitlement:

VPC Generation 2 IBM Cloud Kubernetes Service cluster

Create ContainerCluster Resource

Constructor syntax

Parameters

Constructor example

ContainerCluster Resource Properties

Inputs

Outputs

Look up Existing ContainerCluster Resource

Supporting Types

ContainerClusterAlb, ContainerClusterAlbArgs

ContainerClusterKmsConfig, ContainerClusterKmsConfigArgs

ContainerClusterTaint, ContainerClusterTaintArgs

ContainerClusterTimeouts, ContainerClusterTimeoutsArgs

ContainerClusterWebhook, ContainerClusterWebhookArgs

ContainerClusterWorkerPool, ContainerClusterWorkerPoolArgs

ContainerClusterWorkerPoolZone, ContainerClusterWorkerPoolZoneArgs

ContainerClusterWorkersInfo, ContainerClusterWorkersInfoArgs

Import

Package Details

On this page

On this page