diff --git a/locals.tf b/locals.tf index 18ae216..975fd5d 100644 --- a/locals.tf +++ b/locals.tf @@ -7,6 +7,7 @@ locals { K8s = local.k8s_name } vswitch_ids = length(var.vswitch_ids) > 0 ? var.vswitch_ids : alicloud_vswitch.new.*.id + pod_vswitch_ids = length(var.terway_vswitch_ids) > 0 ? var.terway_vswitch_ids : alicloud_vswitch.terway.*.id } resource "random_uuid" "this" {} \ No newline at end of file diff --git a/main.tf b/main.tf index 4ebe60e..132c7f9 100644 --- a/main.tf +++ b/main.tf @@ -11,16 +11,18 @@ resource "alicloud_cs_managed_kubernetes" "this" { count = length(local.vswitch_ids) > 0 ? 1 : 0 name = local.k8s_name worker_vswitch_ids = local.vswitch_ids + pod_vswitch_ids = local.pod_vswitch_ids new_nat_gateway = var.new_vpc == true ? false : var.new_nat_gateway worker_disk_category = var.worker_disk_category - password = var.ecs_password + pod_cidr = var.k8s_pod_cidr service_cidr = var.k8s_service_cidr slb_internet_enabled = true - install_cloud_monitor = true version = var.kubernetes_version + runtime = var.runtime worker_instance_types = var.worker_instance_types worker_number = var.worker_number + dynamic "addons" { for_each = var.cluster_addons content { 
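Review bot: `pod_vswitch_ids = local.pod_vswitch_ids` is added in main.tf while `pod_cidr = var.k8s_pod_cidr` stays set, so the cluster now receives both pod-network settings at once. As far as I know the provider treats `pod_cidr` as the Flannel setting and `pod_vswitch_ids` as the Terway one, so this combination should be checked against the provider documentation. `local.pod_vswitch_ids` (locals.tf hunk) is also an empty list whenever `new_vpc` is false and `terway_vswitch_ids` keeps its default, and that empty list is passed through unchanged. One option is to make the two exclusive, e.g. `pod_cidr = length(local.pod_vswitch_ids) > 0 ? null : var.k8s_pod_cidr`. The resource body continues past the end of this hunk.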
@@ -28,10 +30,72 @@ resource "alicloud_cs_managed_kubernetes" "this" { config = lookup(addons.value, "config", var.cluster_addons) } } + kube_config = var.kube_config_path client_cert = var.client_cert_path client_key = var.client_key_path cluster_ca_cert = var.cluster_ca_cert_path + password = length(var.ecs_password) > 0 ? var.ecs_password: null + enable_ssh = var.enable_ssh + key_name = length(var.key_name) > 0 ? var.key_name : null + + dynamic "maintenance_window" { + for_each = var.maintenance_window.enable ? [var.maintenance_window] : [] + + content { + enable = maintenance_window.value.enable + maintenance_time = maintenance_window.value.maintenance_time + duration = maintenance_window.value.duration + weekly_period = maintenance_window.value.weekly_period + } + } + + tags = var.tags + depends_on = [alicloud_snat_entry.new] -} \ No newline at end of file +} + +resource "alicloud_cs_kubernetes_node_pool" "autoscaling" { + for_each = var.node_pools + + name = each.key + cluster_id = alicloud_cs_managed_kubernetes.this[0].id + vswitch_ids = local.vswitch_ids + instance_types = each.value.node_instance_types + system_disk_category = "cloud_efficiency" + system_disk_size = each.value.system_disk_size + node_count = each.value.node_count + + install_cloud_monitor = true + + key_name = var.key_name + + scaling_config { + min_size = each.value.node_min_number + max_size = each.value.node_max_number + is_bond_eip = each.value.node_bind_eip + eip_internet_charge_type = "PayByTraffic" + eip_bandwidth = 5 + } + + management { + auto_repair = each.value.auto_repair + auto_upgrade = each.value.auto_upgrade + surge = each.value.surge + max_unavailable = each.value.max_unavailable + } + + # spot config + # spot_strategy = "SpotWithPriceLimit" + # spot_price_limit { + # instance_type = data.alicloud_instance_types.default.instance_types.0.id + # # Different instance types have different price caps + # price_limit = "0.70" + # } + + tags = merge( + each.value.tags, + 
var.tags, + ) +} diff --git a/variables.tf b/variables.tf index 39df147..ed6071a 100644 --- a/variables.tf +++ b/variables.tf @@ -48,6 +48,18 @@ variable "vswitch_cidrs" { default = ["192.168.1.0/24"] } +variable "terway_vswitch_ids" { + description = "List Ids of existing vswitch." + type = list(string) + default = [] +} + +variable "terway_vswitch_cidrs" { + description = "List cidr blocks used to create several new vswitches when 'new_vpc' is true." + type = list(string) + default = ["192.168.1.0/24"] +} + variable "availability_zones" { description = "List available zone ids used to create several new vswitches when 'vswitch_ids' is not specified. If not set, data source `alicloud_zones` will return one automatically." type = list(string) @@ -83,6 +95,26 @@ variable "kubernetes_version" { default = "" } +variable "runtime" { + description = "The runtime of containers." + type = map(string) + default = { + name = "docker" + version = "19.03.15" + } +} + +variable "maintenance_window" { + type = map(string) + description = "The cluster maintenance window." + default = { + enable = true + maintenance_time = "01:00:00Z" + duration = "3h" + weekly_period = "Monday,Friday" + } +} + variable "worker_instance_types" { description = "The ecs instance type used to launch worker nodes. If not set, data source `alicloud_instance_types` will return one based on `cpu_core_count` and `memory_size`." type = list(string) @@ -113,7 +145,7 @@ variable "worker_disk_size" { variable "ecs_password" { description = "The password of worker nodes." type = string - default = "Abc12345" + default = "" } variable "worker_number" { 
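Review bot: The node pool sets `key_name = var.key_name` directly, while the cluster resource earlier in this hunk turns an empty value into `null`, and the pool sets no `password`. A caller who uses password login for the cluster therefore hands the pool an empty key pair name. The same guard, `key_name = length(var.key_name) > 0 ? var.key_name : null`, would keep the two resources consistent. Separately, `system_disk_category = "cloud_efficiency"` is hard-coded although the `node_pools` object type in variables.tf declares a `system_disk_category` field, so that input is silently ignored; `system_disk_category = each.value.system_disk_category` looks like what was meant.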
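Review bot: `terway_vswitch_cidrs` defaults to `["192.168.1.0/24"]`, the same block as the `vswitch_cidrs` default visible in the context line just above it. With `new_vpc` true and the defaults untouched, vpc.tf would try to create a worker vswitch and a Terway vswitch on the same CIDR in one VPC, which I would expect the API to reject as overlapping. A distinct default, or no default so the caller has to choose, avoids that. Both descriptions are copied from the worker variables and do not say these are the pod vswitches; something like `"IDs of existing vswitches used for Terway pod networking."` would make the purpose clear.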
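Review bot: `maintenance_window` is declared as `map(string)` but its default holds a boolean `enable`, and main.tf reads four fixed keys from it. A caller who overrides the map and omits a key only finds out when the attribute lookup in the `dynamic "maintenance_window"` block fails at plan time. Declaring it as `object({ enable = bool, maintenance_time = string, duration = string, weekly_period = string })` makes the shape explicit and validates it on input. The `runtime` default pins Docker `19.03.15`; a one-line comment that the version has to be one the selected `kubernetes_version` supports would save the next reader a lookup.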
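Review bot: `ecs_password` is still not marked sensitive, so whatever value a caller supplies is printed in plan and apply output. Adding `sensitive = true` to this variable block would redact it, provided the module's minimum Terraform version supports that argument (0.14 or later, which the diff does not show). The value is written to state either way, so the description could also state that the state backend must be access-controlled, e.g. `description = "The password of worker nodes. Stored in state; restrict access to the backend."`.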
@@ -176,4 +208,41 @@ variable "cluster_ca_cert_path" { description = "The path of cluster ca certificate, like ~/.kube/cluster-ca-cert.pem" type = string default = "" +} + +variable "enable_ssh" { + type = bool + description = "Enable login to the node through SSH" +} + +variable "key_name" { + description = "The keypair of ssh login cluster node" + type = string +} + +variable "tags" { + type = map(string) + description = "Tags associated to the resources" + default = { + "Made-By" = "Managed by Terraform" + } +} + +variable "node_pools" { + description = "Kubernetes node pools" + type = map(object({ + node_count = number + node_min_number = number + node_max_number = number + node_bind_eip = bool + node_instance_types = list(string) + system_disk_category = string + system_disk_size = number + auto_repair = bool + auto_upgrade = bool + max_unavailable = number + surge = number + tags = map(string) + })) + default = {} } \ No newline at end of file diff --git a/vpc.tf b/vpc.tf index fab8ea8..05d30de 100644 --- a/vpc.tf +++ b/vpc.tf @@ -28,6 +28,15 @@ resource "alicloud_vswitch" "new" { tags = local.new_vpc_tags } +resource "alicloud_vswitch" "terway" { + count = var.new_vpc == true ? length(var.terway_vswitch_cidrs) : 0 + vpc_id = concat(alicloud_vpc.new.*.id, [""])[0] + cidr_block = element(var.terway_vswitch_cidrs, count.index) + availability_zone = length(var.availability_zones) > 0 ? element(var.availability_zones, count.index) : element(data.alicloud_zones.default.ids.*, count.index) + name = format("%s-terway", local.new_vpc_name) + tags = local.new_vpc_tags +} + resource "alicloud_nat_gateway" "new" { count = var.new_vpc == true ? 1 : 0 vpc_id = concat(alicloud_vpc.new.*.id, [""])[0]
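Review bot: `enable_ssh` and `key_name` are declared without defaults, so every existing caller of the module must now set both before it will plan, and whether SSH is open is left entirely to the caller. Defaulting to the closed state, `default = false` for `enable_ssh` and `default = ""` for `key_name`, keeps the upgrade non-breaking and keeps SSH off unless it is asked for; main.tf already maps an empty key name to `null` on the cluster resource. The `key_name` description could also state that it is the name of an existing key pair rather than key material, if that is what the provider expects.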